PT-2026-52867 · Pypi · Crawl4Ai
Published
2026-06-16
·
Updated
2026-06-16
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Summary
Three backward-compatible hardening fixes in the Docker API server. The headline issue is an arbitrary file write via the screenshot/PDF
output path.1. Arbitrary file write via output path symlink / TOCTOU (primary)
POST /screenshot and POST /pdf accept an output path constrained to ALLOWED OUTPUT DIR by validate output path. The 0.8.7 check was string-only: it did not resolve symlinks, so a symlinked path component inside the output directory could redirect the write outside the directory, and the final open() followed symlinks. On a deployment where the runtime user can write executable/cron locations this is an arbitrary-write to code-execution primitive. The API is unauthenticated by default.Fix:
validate output path now resolves the real path (symlinks) of the parent and re-checks containment, and the write uses O NOFOLLOW (write output file). output path remains supported.2. CRLF log injection (CWE-117)
User-controlled URLs/errors reflected into log lines could embed CR/LF and forge additional log entries. Fix: a logging filter strips CR/LF/control characters from all records.
3. Webhook request-header injection (CWE-93/CWE-113)
User-supplied webhook headers were sent verbatim, allowing CRLF and hop-by-hop / sensitive header injection on the outbound webhook request. Fix: webhook headers are validated (name pattern, no control characters, deny
Host/Content-Length/Transfer-Encoding/Authorization/Cookie/...), with early request-time rejection.Impact
Arbitrary file write (potential code execution) for #1; log forging for #2; request smuggling / header injection on outbound webhooks for #3.
Workarounds
- Upgrade to the patched version.
- Enable authentication (
CRAWL4AI API TOKEN). - Run the container with a read-only root filesystem.
Credits
Internal security audit (Crawl4AI maintainers).
Fix
Link Following
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Crawl4Ai