# Vulnerability Summary

## Overview

- **Vulnerability ID**: #802062
- **Vulnerability Name**: dmitryglhf mcp-url-downloader 0.1.0 Server-Side Request Forgery
- **Vulnerability Type**: Server-Side Request Forgery (SSRF)
- **Reporter**: SmallW (UID 97245)
- **Status**: Fixed

## Impact Scope

- **Affected Software**: `mcp-url-downloader`
- **Affected Version**: 0.1.0
- **Description**: `mcp-url-downloader` attempts to defend against SSRF by parsing the caller-provided URL and rejecting `localhost` and link-local addresses. That check is applied only to the original URL. The download code then creates an `httpx.AsyncClient(..., follow_redirects=True)` and issues HEAD and GET requests, so the client follows redirects transparently and the redirect target is never validated. An attacker who controls a publicly reachable URL can have it answer with a 302 or 307 redirect to an internal resource (for example `http://127.0.0.1:8080/`, `http://x.x.x.x/latest/meta-data/`, or another private service); the downloader follows the redirect and writes the internal response body to disk. A validator that runs once on the initial URL gives no protection here: every hop of a redirect chain must be validated before it is requested, which means disabling automatic redirects and checking each `Location` target (resolved against the current hop, since it may be relative) before fetching it.

## Remediation

- **Fix Status**: Fixed
- **Fixed Version**: 0.1.0
- **Fix Commit**: `dmitryglhf mcp-url-downloader up to 4b0c2d55f5e6884a77d108e8a04a5b8e4394c6 server.py_validate_url_safe_url server-side request forgery`
- **Fix Link**: [GitHub Issues](https://github.com/dmitryglhf/url-downloader-mcp/issues/2)
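The per-hop validation the description calls for, as an added example that is not the project's code (the fix commit referenced above was not examined here). The helper names (`is_public_address`, `validate_url`, `download`, `try_download`) are hypothetical, the `FAKE_DNS` and `FAKE_HTTP` tables are constructed stand-ins so the block runs offline (8.8.8.8 is only a placeholder for "some globally routable address"), and the HTTP client is abstracted as a `fetch(url)` callable that performs exactly one request with redirects disabled. The block also goes beyond the advisory's two listed cases by resolving hostnames and unwrapping IPv4-mapped IPv6 literals, both of which slip past a check that only looks at the host string.

```python
"""Redirect-aware SSRF guard for a URL downloader (added example, not the project's code).

The vulnerable pattern described in the advisory is, in outline:

    check_url(url)                                  # runs once, on the caller's URL
    async with httpx.AsyncClient(follow_redirects=True) as client:
        resp = await client.get(url)                # redirects are followed unchecked

The hardened version below disables automatic redirects and validates every hop.
"""
import ipaddress
import socket
from typing import Callable, Dict, List, Tuple, Union
from urllib.parse import urljoin, urlsplit

MAX_REDIRECTS = 5

Response = Tuple[int, Dict[str, str], bytes]  # (status, headers, body) of ONE request
Fetcher = Callable[[str], Response]            # must NOT follow redirects itself
Resolver = Callable[[str], List[str]]


def is_public_address(ip: str) -> bool:
    """True only for globally routable unicast addresses (IPv4-mapped IPv6 unwrapped)."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # ::ffff:127.0.0.1 is still loopback
    return addr.is_global and not addr.is_multicast


def system_resolver(host: str) -> List[str]:
    """Every A/AAAA answer for host from the OS resolver."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_url(url: str, resolver: Resolver = system_resolver) -> List[str]:
    """Return the resolved addresses if url may be fetched, else raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"unsupported scheme {parts.scheme!r}")
    host = parts.hostname  # lower-cased, IPv6 brackets stripped
    if not host:
        raise ValueError("missing host")
    if host == "localhost" or host.endswith(".localhost"):
        raise ValueError("localhost is blocked")
    try:
        ips = [str(ipaddress.ip_address(host))]  # IP literal
    except ValueError:
        ips = resolver(host)                      # hostname: judge what it resolves to
    if not ips:
        raise ValueError(f"{host!r} does not resolve")
    for ip in ips:
        if not is_public_address(ip):
            raise ValueError(f"{host!r} resolves to non-public address {ip}")
    return ips


def download(url: str, fetch: Fetcher, resolver: Resolver = system_resolver) -> Tuple[str, bytes]:
    """Follow redirects by hand, validating each target BEFORE it is requested."""
    current = url
    for _ in range(MAX_REDIRECTS + 1):
        validate_url(current, resolver)
        status, headers, body = fetch(current)
        headers = {k.lower(): v for k, v in headers.items()}
        if status in (301, 302, 303, 307, 308):
            location = headers.get("location")
            if not location:
                raise ValueError(f"{status} without Location")
            current = urljoin(current, location)  # relative Location resolved against this hop
            continue
        if status != 200:
            raise ValueError(f"unexpected status {status} from {current}")
        return current, body
    raise ValueError("too many redirects")


def try_download(url: str, fetch: Fetcher, resolver: Resolver) -> Tuple[bool, Union[bytes, str]]:
    """(True, body) on success, (False, reason) when the guard rejects a hop."""
    try:
        return True, download(url, fetch, resolver)[1]
    except ValueError as exc:
        return False, str(exc)


# Constructed offline stand-ins (no network): attacker.test is "public" (8.8.8.8 is a
# placeholder global address) and one of its paths redirects to an internal metadata endpoint.
FAKE_DNS = {"attacker.test": ["8.8.8.8"]}
FAKE_HTTP: Dict[str, Response] = {
    "http://attacker.test/file": (302, {"Location": "http://169.254.169.254/latest/meta-data/"}, b""),
    "http://attacker.test/hop": (307, {"Location": "/final"}, b""),
    "http://attacker.test/final": (200, {}, b"public content"),
    "http://169.254.169.254/latest/meta-data/": (200, {}, b"internal secret"),
}


def fake_resolver(host: str) -> List[str]:
    return FAKE_DNS.get(host, [])


def fake_fetch(url: str) -> Response:
    return FAKE_HTTP.get(url, (404, {}, b""))


if __name__ == "__main__":
    print(try_download("http://attacker.test/hop", fake_fetch, fake_resolver))   # (True, b'public content')
    print(try_download("http://attacker.test/file", fake_fetch, fake_resolver))  # (False, '... 169.254.169.254')
```

To wire this to httpx, build the client with `follow_redirects=False` and pass a `fetch` that returns `(r.status_code, dict(r.headers), r.content)` from a single `client.get`. One caveat remains: the guard resolves the hostname itself while the HTTP client resolves it again when connecting, so a DNS answer that changes between the two lookups (DNS rebinding) can still reach an internal address; closing that gap means connecting to the address that was validated, or enforcing the same egress policy at the network layer.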