mirror of
https://github.com/open-webui/open-webui.git
synced 2026-07-15 21:19:39 -05:00
[PR #18962] [CLOSED] Fix SSRF vulnerability in web fetch endpoint (GHSA-c6xv-rcvw-v685) #11833
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/open-webui/open-webui/pull/18962
Author: @teorepo
Created: 11/6/2025
Status: ❌ Closed
Base:
main← Head:fix/ssrf-ghsa-c6xv-rcvw-v685📝 Commits (1)
1235ca8Fix SSRF vulnerability in web fetch endpoint (GHSA-c6xv-rcvw-v685)📊 Changes
4 files changed (+284 additions, -0 deletions)
View changed files
📝
backend/open_webui/config.py(+19 -0)📝
backend/open_webui/main.py(+6 -0)➕
backend/open_webui/retrieval/ssrf_protection.py(+207 -0)📝
backend/open_webui/routers/retrieval.py(+52 -0)📄 Description
Description
This PR fixes the SSRF (Server-Side Request Forgery) vulnerability reported in GHSA-c6xv-rcvw-v685.
Changes
Security Impact
Fixes CWE-918: Server-Side Request Forgery vulnerability that could allow attackers to access internal network resources and cloud metadata endpoints.
Testing
ENABLE_SSRF_PROTECTIONenv variableConfiguration
Admins can customize the protection via environment variables:
Backward Compatibility
Reported-by: @teorepo
Security: Fixes GHSA-c6xv-rcvw-v685 (CWE-918)
contributor license agreement
🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.