Impact
curl_cffi, a Python binding for libcurl, contains a Server-Side Request Forgery weakness (CWE-918): an attacker-controlled URL is requested without any restriction on internal address ranges. Because the library follows HTTP redirects automatically, a link that initially points to an external host can redirect the request to internal services such as cloud metadata endpoints. In addition, curl_cffi's TLS impersonation feature makes the outbound request look like legitimate browser traffic, which may evade network controls that rely on client certificates or TLS fingerprint checks. The flaw therefore lets an attacker discover and interact with internal resources that should otherwise remain isolated from external input.
Affected Systems
All installations of the lexiforest curl_cffi package earlier than version 0.15.0, including the 0.15.0 beta releases (beta1 through beta4), are affected. The issue is resolved in version 0.15.0 and later, which restricts target IP ranges and disables automatic redirect following for untrusted URLs.
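The two mitigations named above (refusing internal address ranges and not letting the HTTP client follow redirects on its own) are easy to get subtly wrong, so here is an added example of a destination guard for outbound fetches. It is illustrative code written for this page, not curl_cffi's own implementation or its 0.15.0 fix. DNS resolution and the HTTP transport are injected as callables, and the DNS table and responses below are constructed fixtures, so the example runs offline; the comment about pairing it with curl_cffi's `allow_redirects=False` describes how such a guard would be wired in, not code from the project.

```python
"""Added example (not curl_cffi's own code): an SSRF destination guard that
rejects internal address ranges and re-checks every redirect hop. DNS and
HTTP are injected as callables so the example runs offline on constructed data."""
import ipaddress
from typing import Callable, Dict, List, Tuple
from urllib.parse import urljoin, urlsplit

# Ranges an outbound fetch should never reach; the cloud metadata address
# 169.254.169.254 sits inside the link-local block.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10", "::ffff:0:0/96",
)]

class BlockedDestination(Exception):
    """Raised when a URL points at an address the guard refuses."""

def ip_is_blocked(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    # Unwrap IPv4-mapped IPv6 so ::ffff:127.0.0.1 is judged as 127.0.0.1.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)

def check_destination(url: str, resolver: Callable[[str], List[str]]) -> List[str]:
    """Validate scheme and host; return the resolved IPs or raise.
    Every resolved address must pass: a name with one public and one private
    address is rejected, because the client may connect to either."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise BlockedDestination(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise BlockedDestination("URL has no host")
    try:
        ips = [str(ipaddress.ip_address(host))]  # IP literal, no DNS needed
    except ValueError:
        ips = resolver(host)
    if not ips:
        raise BlockedDestination(f"{host} did not resolve")
    for ip in ips:
        if ip_is_blocked(ip):
            raise BlockedDestination(f"{host} resolves to blocked address {ip}")
    return ips

def guarded_fetch(url: str, resolver: Callable[[str], List[str]],
                  transport: Callable[[str], Tuple[int, Dict[str, str]]],
                  max_redirects: int = 5) -> Tuple[int, List[str]]:
    """Fetch `url`, validating the destination before every hop.
    With curl_cffi this pairs with requesting allow_redirects=False and
    handling the Location header here, so libcurl never follows a redirect
    on its own. Returns the final status and the URLs visited."""
    chain: List[str] = []
    current = url
    for _ in range(max_redirects + 1):
        check_destination(current, resolver)
        chain.append(current)
        status, headers = transport(current)
        if status in (301, 302, 303, 307, 308) and "Location" in headers:
            # Relative Locations resolve against the current URL; the loop
            # then re-checks the new target before contacting it.
            current = urljoin(current, headers["Location"])
            continue
        return status, chain
    raise BlockedDestination("too many redirects")

# Constructed fixtures: a fake DNS table and a fake server whose
# innocuous-looking path redirects to the metadata endpoint.
FAKE_DNS = {"example.com": ["93.184.216.34"],
            "dual.example": ["93.184.216.34", "10.0.0.5"]}
FAKE_RESPONSES = {
    "https://example.com/ok": (200, {}),
    "https://example.com/hop": (302, {"Location": "http://169.254.169.254/latest/meta-data/"}),
    "http://169.254.169.254/latest/meta-data/": (200, {}),
}

def fake_resolver(host: str) -> List[str]:
    return FAKE_DNS.get(host, [])

def fake_transport(url: str) -> Tuple[int, Dict[str, str]]:
    return FAKE_RESPONSES.get(url, (404, {}))

def demo() -> Dict[str, str]:
    """Run the guard over the constructed cases; returns the outcome per URL."""
    results = {}
    for u in ("https://example.com/ok", "https://example.com/hop",
              "https://dual.example/", "http://[::ffff:127.0.0.1]/"):
        try:
            status, chain = guarded_fetch(u, fake_resolver, fake_transport)
            results[u] = f"allowed ({status}, {len(chain)} hop(s))"
        except BlockedDestination as exc:
            results[u] = f"blocked: {exc}"
    return results

if __name__ == "__main__":
    for url, outcome in demo().items():
        print(f"{url:40} {outcome}")
```

The guard checks the destination before each connection rather than only on the initial URL, which is the property automatic redirect following breaks: the first request to `example.com` is legitimate, and only the 302 it returns points at `169.254.169.254`. Rejecting a hostname when any of its resolved addresses is blocked, and unwrapping IPv4-mapped IPv6 literals, closes two common ways such filters are bypassed. A production version would also pin the checked IP for the actual connection (to defeat DNS rebinding between check and connect), which this offline example cannot show.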
Risk and Exploitability
The vulnerability carries a CVSS score of 8.6 (high severity), while its EPSS score is below 1%, suggesting that exploit attempts are currently rare. It is not listed in the CISA KEV catalog. The attack vector is remote: an attacker supplies a crafted URL that curl_cffi follows, exposing internal services and possibly bypassing network controls via TLS impersonation. Successful exploitation lets an adversary gather internal host information or interact with restricted services, and potentially escalate privileges if those services are further compromised.
OpenCVE Enrichment
Github GHSA