← Bug classes
CWE-918 · Server-Side Request Forgery (SSRF)

Server-Side Request Forgery

CWE-918 3 case studies

Server-Side Request Forgery lets an attacker make the server issue HTTP requests to destinations of their choosing — internal services not exposed to the internet, cloud metadata endpoints (169.254.169.254), or loopback addresses. In cloud environments, reaching the metadata service often yields IAM credentials that escalate to full account takeover.

SSRF is particularly hard to catch in review because the vulnerability is often in the validation logic rather than the fetch call. An allow-list check that uses string prefix matching can be bypassed with URL redirects, IPv6 representations, percent-encoding, or DNS rebinding. The ip package SSRF (CVE-2024-29415) exploited exactly this: an IP canonicalization library gave incorrect "private" verdicts for some IPv6 representations of private ranges.

PullLight looks for server-side HTTP calls where the URL is directly or indirectly user-controlled, examines the validation code before the call for bypass-able allow/block list patterns, and flags WebSocket upgrade handlers and proxy endpoints — both common SSRF vectors that are easy to overlook in PRs.

Case studies in this class

8.7
CVSS
CVE-2024-39338
SSRF via NO_PROXY Environment Variable Bypass
CVE-2024-39338 — axios SSRF
axios
8.6
CVSS
CVE-2026-44578
WebSocket Upgrade Handler SSRF
CVE-2026-44578 — Next.js WebSocket SSRF
next
8.1
CVSS
CVE-2024-29415
SSRF via IPv4/IPv6 Canonicalization Bypass
CVE-2024-29415 — ip Package SSRF Bypass
ip

Frequently asked questions

What is Server-Side Request Forgery (SSRF)?
SSRF is a vulnerability where an attacker can cause the server to make HTTP requests to an attacker-specified destination, potentially reaching internal services, cloud metadata APIs, or other systems that should not be publicly accessible.
How do you prevent SSRF?
Validate URLs with an allowlist of approved hosts/schemas, resolve hostnames before validating and recheck after resolution, block all RFC 1918 / link-local ranges, and disable HTTP redirects or re-validate after each redirect.
Can AI catch SSRF in code review?
Yes — AI review is effective at spotting cases where user input reaches a fetch/HTTP client call and where the validation logic is bypassable, including cases where the taint passes through intermediary functions.
Has PullLight caught real SSRF vulnerabilities?
Yes. PullLight flagged SSRF in axios (CVE-2024-39338, CVSS 8.7), the ip package (CVE-2024-29415, CVSS 8.1), and Next.js WebSocket handler (CVE-2026-44578, CVSS 8.6).
PullLight catches Server-Side Request Forgery in live code review.
Hooks into GitHub PRs automatically — flags taint flows, not just lint rules.
Try the live demo →
See an example review comment: Browse AI code review examples →