requests-hardened CVE-2026-42175
MEDIUMSeverity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Lifecycle Timeline
2DescriptionGitHub Advisory
The SSRF protection in requests-hardened prior to version 1.2.1 fails to block IP addresses within the RFC 6598 Shared Address Space (100.64.0.0/10). An attacker who can supply arbitrary URLs to requests-hardened could exploit this gap to access internal services hosted within 100.64.0.0/10. This is for example relevant in environments such as AWS EKS where 100.64.0.0/10 is commonly used as the default pod CIDR.
The impact is environment-dependent, deployments that utilize the affected CIDR range for internal networking are exposed to SSRF bypass, while others may not be affected.
The issue is resolved in version 1.2.1 by extending the IP filtering logic to explicitly block the RFC 6598 range in addition to standard private addresses, as well as blocking all other reserved addresses (such as multicast) to prevent the re-occurrence of similar issues.
Version 1.2.1 is now blocking the following CIDRs:
192.88.99.0/24- 6to4 relay anycast100.64.0.0/10- CG-NAT5f00::/16- IPv6 Segment Routing64:ff9b::/96- used for IPv6 & IPv4 translation (NAT64)2001:20::/28- ORCHIDv2 (overlay identifiers)224.0.0.0/4- multicastff00::/8- multicast
Resources
- https://github.com/python/cpython/issues/119812
- https://github.com/saleor/requests-hardened/commit/b7403f88d3b3689e57435b75b51691a160aaeef5 - the fix itself
- https://github.com/saleor/requests-hardened/commit/a266b3958bb142bca515b3c230fdea19fbda327c - follow up, adding additional support for outdated Python versions (
3.11.9and3.10.11instead of only3.11.15and3.10.20) - https://github.com/saleor/requests-hardened/releases/tag/v1.2.1
AnalysisAI
Server-side request forgery in requests-hardened prior to 1.2.1 allows remote attackers to bypass SSRF protection and access internal services within RFC 6598 Shared Address Space (100.64.0.0/10) by supplying arbitrary URLs, particularly impacting AWS EKS deployments where this CIDR is the default pod network. The vulnerability has a CVSS score of 6.5 and is environment-dependent, affecting only deployments using the vulnerable IP range for internal networking. Vendor-released patch: version 1.2.1 extends IP filtering logic to block RFC 6598, 6to4 relay anycast, IPv6 reserved ranges, and multicast addresses.
Technical ContextAI
requests-hardened is a Python library (pkg:pip/requests-hardened) that wraps the requests HTTP library with SSRF protection by filtering outbound requests to internal IP ranges. The vulnerability stems from incomplete IP range validation in the ip_filter.py module (CWE-918: Server-Side Request Forgery). The SSRF protection mechanism should block requests to reserved, private, and link-local IP ranges to prevent attackers from pivoting through a trusted HTTP client to access internal infrastructure. Prior to version 1.2.1, the filtering logic failed to account for RFC 6598 Carrier-Grade NAT (CG-NAT) address space (100.64.0.0/10), which is commonly allocated in containerized environments like AWS EKS for pod-to-pod communication. The fix adds explicit blocking of seven additional CIDR ranges: 192.88.99.0/24, 100.64.0.0/10, 5f00::/16, 64:ff9b::/96, 2001:20::/28, 224.0.0.0/4, and ff00::/8, as well as backfilling support for outdated Python versions 3.10.11 and 3.11.9 that lack proper ipaddress module coverage.
RemediationAI
Vendor-released patch: upgrade requests-hardened to version 1.2.1 or later immediately. For Python 3.10 and 3.11 users, ensure the patched version is installed from https://github.com/saleor/requests-hardened/releases/tag/v1.2.1, which includes backports for Python 3.10.11 and 3.11.9 via commit a266b3958bb142bca515b3c230fdea19fbda327c. If immediate patching is not feasible, implement network-level controls by blocking outbound HTTP/HTTPS requests from application servers to the 100.64.0.0/10 range using firewall rules or network policies (in Kubernetes, use NetworkPolicy to deny traffic to 100.64.0.0/10). This mitigates the specific SSRF gap but does not address other reserved ranges now blocked in 1.2.1, and requires ongoing manual maintenance. Additionally, validate and sanitize all user-supplied URLs in the application layer before passing them to requests-hardened, restricting to allowlisted domains where feasible. This eliminates reliance on requests-hardened as the sole security boundary. See https://github.com/saleor/requests-hardened/security/advisories/GHSA-vh75-fwv3-pqrh for the full advisory.
Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t
BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser
pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph
pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse
Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/
pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne
Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301
Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-vh75-fwv3-pqrh