Server-side Request Forgery (SSRF)

Overview open-websearch is a web search the internet Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchWebContent process. An attacker can access internal network resources and retrieve sensitive information by supplying specially crafted URLs that...

open-websearch has SSRF in `fetchWebContent` MCP tool: bracketed IPv6 literals and non-resolving hostname check bypass `isPrivateOrLocalHostname`

Summary src/utils/urlSafety.ts exposes isPublicHttpUrl / assertPublicHttpUrl, used to gate the MCP fetchWebContent tool against private-network targets. The check has two defects that together allow non-blind SSRF with the response body returned to the caller: 1. Bracketed IPv6 literals are never...

GHSA-V228-72C7-FX8J open-websearch has SSRF in `fetchWebContent` MCP tool: bracketed IPv6 literals and non-resolving hostname check bypass `isPrivateOrLocalHostname`

Summary src/utils/urlSafety.ts exposes isPublicHttpUrl / assertPublicHttpUrl, used to gate the MCP fetchWebContent tool against private-network targets. The check has two defects that together allow non-blind SSRF with the response body returned to the caller: 1. Bracketed IPv6 literals are never...

PT-2026-37255

Name of the Vulnerable Software and Affected Versions Open-WebSearch versions prior to 2.1.7 Description An issue exists in the isPublicHttpUrl and assertPublicHttpUrl functions within src/utils/urlSafety.ts that allows non-blind Server-Side Request Forgery SSRF, where the response body is return...