Submission #811405: vercel ai @ai-sdk/[email protected] Server-Side Request Forgery (SSRF) (CWE-918)

Info

Title: vercel ai @ai-sdk/[email protected] Server-Side Request Forgery (SSRF) (CWE-918)
Description:

# Technical Details

A Blind Server-Side Request Forgery (SSRF) bypass vulnerability exists in the `downloadBlob` method in `packages/provider-utils/src/download-blob.ts` of vercel/ai. The application fails to prevent malicious HTTP redirects from reaching internal architectures. The `validateDownloadUrl` function enforces SSRF IP blocklists stringently on the primary passed URL, but does not account for the native Node.js `fetch()` mechanism following 3xx HTTP redirects back into internal networks before the post-flight validation runs.

# Vulnerable Code

File: packages/provider-utils/src/download-blob.ts
Method: downloadBlob
Why: An inherent Time-of-Check to Time-of-Use logic error. `fetch()` follows redirects automatically and transparently, so by the time `if (response.redirected) validateDownloadUrl(response.url)` runs, the `GET` request has already landed on the private/internal target.

# Reproduction

1. Start an attacker-controlled HTTP server configured to return HTTP 302 redirects with a `Location` header to `http://127.0.0.1:9091/admin/delete`.
2. Formulate and submit an image fetch request payload pointing toward the external attacker IP.
3. The SDK logic passes the initial constraints and triggers the `fetch()`. The attacker server answers 302, bouncing the Node logic into executing the internal request path.

# Impact

- Internal State Alteration: Capable of triggering arbitrary state-changing HTTP GET paths on loopback administrative APIs without authorization.
- Disclosure risks toward unpatched AWS Metadata endpoint architectures.
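As an added example (not vercel/ai project code, and not taken from the submission above), the following Node.js routine shows the mitigation the report implies: issue `fetch()` with `redirect: 'manual'` so the runtime never follows a 3xx on its own, and validate the target of every hop before the request for that hop is sent. The helper names `isBlockedHost`, `validateDownloadUrl`, `downloadBlobSafely` and `makeMockFetch`, the blocklist contents and the sample hosts (203.0.113.10, cdn.example.test) are assumptions constructed for illustration; the mock fetch stands in for the network, so the block runs offline on Node 18 or later.

```javascript
// Added example, not vercel/ai code: validate every hop of a redirect chain
// before the request for that hop leaves the process. Requires Node 18+ for
// the global fetch/Response/URL. Helper names and the blocklist are assumptions.

// Returns true for hostnames that a blob fetcher must never contact.
// Only literal addresses are judged here; a DNS name that resolves to an
// internal address needs a resolution-time check as well.
function isBlockedHost(hostname) {
  const host = hostname.replace(/^\[|\]$/g, '').toLowerCase(); // strip IPv6 brackets
  if (host === 'localhost' || host.endsWith('.localhost')) return true;
  if (host.includes(':')) {                                    // IPv6 literal
    if (host === '::1' || host === '::') return true;           // loopback / unspecified
    if (host.startsWith('::ffff:')) return isBlockedHost(host.slice(7)); // IPv4-mapped
    return /^f[cd]/.test(host) || host.startsWith('fe80:');     // ULA fc00::/7, link-local
  }
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return false;                                         // not an IPv4 literal
  const a = Number(m[1]);
  const b = Number(m[2]);
  return (
    a === 0 ||                               // 0.0.0.0/8
    a === 10 ||                              // 10.0.0.0/8
    a === 127 ||                             // 127.0.0.0/8 loopback
    (a === 169 && b === 254) ||              // 169.254.0.0/16, incl. 169.254.169.254 metadata
    (a === 172 && b >= 16 && b <= 31) ||     // 172.16.0.0/12
    (a === 192 && b === 168)                 // 192.168.0.0/16
  );
}

// Parses and checks one URL. new URL() normalizes shorthand IPv4 forms such as
// "127.1" or "2130706433" to dotted-quad, so the literal check sees the
// canonical host.
function validateDownloadUrl(url) {
  const u = url instanceof URL ? url : new URL(String(url));
  if (u.protocol !== 'http:' && u.protocol !== 'https:') {
    throw new Error(`unsupported protocol ${u.protocol}`);
  }
  if (isBlockedHost(u.hostname)) throw new Error(`blocked host ${u.hostname}`);
  return u;
}

// Downloads a blob, following at most maxRedirects 3xx hops. Each Location
// target is validated before it is requested; fetch() never follows on its own
// because redirect is set to 'manual'.
async function downloadBlobSafely(url, { fetchImpl = globalThis.fetch, maxRedirects = 5 } = {}) {
  let current = new URL(String(url));
  for (let hop = 0; hop <= maxRedirects; hop++) {
    validateDownloadUrl(current);                  // check precedes the request for this hop
    const response = await fetchImpl(current.toString(), { redirect: 'manual' });
    if (response.status >= 300 && response.status < 400) {
      const location = response.headers.get('location');
      if (!location) throw new Error(`redirect ${response.status} without Location`);
      current = new URL(location, current);        // relative Location resolves against current
      continue;
    }
    if (!response.ok) throw new Error(`download failed with status ${response.status}`);
    return {
      data: new Uint8Array(await response.arrayBuffer()),
      mediaType: response.headers.get('content-type') ?? undefined,
      finalUrl: current.toString(),
    };
  }
  throw new Error(`more than ${maxRedirects} redirects`);
}

// Constructed stand-in for fetch(): one host answers 302 toward loopback (the
// pattern in the report), another serves a small PNG after a relative redirect.
function makeMockFetch() {
  const routes = {
    'http://203.0.113.10/image.png': () =>
      new Response(null, { status: 302, headers: { location: 'http://127.0.0.1:9091/admin/delete' } }),
    'http://cdn.example.test/one.png': () =>
      new Response(null, { status: 301, headers: { location: '/two.png' } }),
    'http://cdn.example.test/two.png': () =>
      new Response(new Uint8Array([0x89, 0x50, 0x4e, 0x47]), { status: 200, headers: { 'content-type': 'image/png' } }),
  };
  const requested = [];                             // every URL the downloader actually asked for
  const fetchImpl = async (target) => {
    requested.push(target);
    const route = routes[target];
    if (!route) throw new Error(`unexpected request to ${target}`);
    return route();
  };
  return { fetchImpl, requested };
}

// Runs both scenarios against the mock and reports the outcome.
async function demo() {
  const { fetchImpl, requested } = makeMockFetch();
  let blocked = null;
  try {
    await downloadBlobSafely('http://203.0.113.10/image.png', { fetchImpl });
  } catch (err) {
    blocked = err.message;                          // expected: "blocked host 127.0.0.1"
  }
  const ok = await downloadBlobSafely('http://cdn.example.test/one.png', { fetchImpl });
  return { blocked, requested, ok };
}

demo().then((r) => console.log(r.blocked, r.requested, r.ok.mediaType, r.ok.data.length));
```

Under `redirect: 'manual'` Node's `fetch()` returns the 3xx response itself with its headers readable, unlike a browser's opaque redirect response, which is what makes the per-hop check possible. The loopback target from the report is rejected before any request is made, so it never appears in the list of requested URLs, while the benign chain still completes. The hostname check covers literal addresses only; closing the remaining gap for DNS names that resolve to internal ranges requires checking the resolved address (for example through a custom `lookup`), and the blocklist should be extended with any deployment-specific ranges.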
Source: https://gist.github.com/YLChen-007/cf7e47e4dda392f474ca77a66d1d847f
User: Eric-f (UID 96873)
Submission: 23/04/2026 02:47 PM (1 month ago)
Moderation: 17/05/2026 11:28 AM (24 days later)
Status: Duplicate
VulDB Entry: 364393 [vercel ai up to 3.0.97 provider-utils download-blob.ts validateDownloadUrl privilege escalation]
Points: 0
