{"id":"PYSEC-2026-577","summary":"zrok Python ProxyShare can be used as an SSRF proxy through absolute URL paths","details":"## Summary\n\nAlice exposes a Python SDK `ProxyShare` with a fixed target URL. Bob sends a request to the share with an absolute URL in the path. The Flask handler passes that path to `urllib.parse.urljoin`, which replaces Alice's configured target host with Bob's host and returns the server-side response to Bob.\n\n## Details\n\nThe Python SDK proxy route accepts every path under the share:\n\n```python\n@app.route('/', defaults={'path': ''}, methods=['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'])\n@app.route('/\u003cpath:path\u003e', methods=['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'])\ndef proxy(path):\n```\n\nIt constructs the outbound URL with `urljoin` and then sends the request:\n\n```python\nurl = urllib.parse.urljoin(self.target, path)\nresp = requests.request(\n    method=request.method,\n    url=url,\n    headers={key: value for (key, value) in request.headers\n             if key.lower() not in HOP_BY_HOP_HEADERS},\n    data=request.get_data(),\n    cookies=request.cookies,\n    allow_redirects=False,\n    stream=True,\n    verify=self.verify_ssl\n)\n```\n\nWhen `path` is `http://127.0.0.1:19190/metadata`, `urljoin(self.target, path)` returns `http://127.0.0.1:19190/metadata`. The proxy sends the request to Bob's chosen URL rather than Alice's target.","aliases":["CVE-2026-45568","GHSA-jh67-hwqw-m5r7"],"modified":"2026-07-01T20:23:12.283893Z","published":"2026-06-29T11:50:50.353793Z","references":[{"type":"WEB","url":"https://github.com/openziti/zrok/security/advisories/GHSA-jh67-hwqw-m5r7"},{"type":"PACKAGE","url":"https://github.com/openziti/zrok"},{"type":"PACKAGE","url":"https://pypi.org/project/zrok"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-jh67-hwqw-m5r7"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45568"}],"affected":[{"package":{"name":"zrok","ecosystem":"PyPI","purl":"pkg:pypi/zrok"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0.4.47"},{"last_affected":"1.1.11"}]}],"versions":["0.4.47","0.4.48","0.4.49","1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.0.6","1.0.7","1.0.8","1.1.0","1.1.1","1.1.10","1.1.11","1.1.2","1.1.3","1.1.5","1.1.7","1.1.8","1.1.9"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/zrok/PYSEC-2026-577.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:L"}]}