<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Premailer - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/vendors/premailer/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Thu, 09 Jul 2026 13:47:12 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/vendors/premailer/feed.xml" rel="self" type="application/rss+xml"/><item><title>Ruby CSS Parser Vulnerable to SSRF and Local File Disclosure via `read_remote_file`</title><link>https://feed.craftedsignal.io/briefs/2026-07-ruby-css-parser-ssrf-lfi/</link><pubDate>Thu, 09 Jul 2026 13:47:12 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-ruby-css-parser-ssrf-lfi/</guid><description>The `css_parser` library, specifically in versions up to and including 2.2.0, is vulnerable to Server-Side Request Forgery (SSRF) and local file disclosure through improper URI validation in the `CssParser::Parser#read_remote_file` method, allowing attackers to access internal network resources or read local files when processing attacker-controlled CSS.</description><content:encoded><![CDATA[<p>The Ruby <code>css_parser</code> library, specifically versions 2.2.0 and earlier, contains a critical vulnerability (SSRF and local file disclosure) within its <code>CssParser::Parser#read_remote_file</code> method. This function, utilized by <code>load_uri!</code> and the <code>@import</code>-following branch of <code>add_block!</code>, lacks proper validation, allowing HTTP/HTTPS requests to arbitrary hosts and ports, including internal, loopback, and RFC-1918 addresses. The vulnerability escalates to arbitrary local file disclosure when a malicious HTTP redirect leads to a <code>file://</code> URI. This flaw enables attackers to conduct internal network discovery, exfiltrate sensitive data from block-style configuration files, enumerate file existence, and perform Denial of Service attacks via decompression bombs or by triggering side-effecting GET requests on internal services. Applications like Premailer, which hand attacker-influenced CSS with a <code>base_uri:</code> option to <code>css_parser</code>, are particularly exposed, requiring only a single <code>@import url(...)</code> rule in the parsed CSS.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker crafts a malicious CSS stylesheet containing an <code>@import url(...)</code> directive, pointing to an attacker-controlled HTTP/HTTPS server.</li>
<li>A vulnerable application, which uses the <code>css_parser</code> library (version 2.2.0 or earlier) to process untrusted CSS with a <code>base_uri:</code> option (e.g., via Premailer), encounters the malicious <code>@import</code> rule.</li>
<li>The <code>css_parser</code> library's <code>CssParser::Parser#add_block!</code> or <code>Parser#load_uri!</code> methods invoke <code>read_remote_file</code> with the attacker-controlled URL.</li>
<li><strong>SSRF (Internal Network Access):</strong> The <code>read_remote_file</code> method makes an HTTP/HTTPS request to an internal target (e.g., <code>http://127.0.0.1:18080/admin-credentials</code>). If the response is CSS-shaped, its content can be exfiltrated via the application's output.</li>
<li><strong>Local File Disclosure (LFI) Escalation:</strong> The attacker-controlled server responds with an HTTP 302 redirect, sending a <code>Location:</code> header pointing to a <code>file://</code> URI (e.g., <code>Location: file:///etc/nginx/nginx.conf</code>).</li>
<li><code>read_remote_file</code> recursively follows this cross-scheme redirect and directly calls <code>File.read</code> on the specified local file path.</li>
<li>If the content of the local file is CSS-shaped (e.g., block-style configuration files like nginx configs, HCL, Caddy), it is parsed by <code>css_parser</code> and its contents (selectors, declarations) become recoverable via the parser's API.</li>
<li>The application then outputs the parsed CSS (e.g., Premailer renders it into HTML), effectively exfiltrating the sensitive local file content to the attacker.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>The vulnerability in <code>css_parser</code> allows for significant impact on systems processing untrusted CSS. Successful exploitation can lead to unauthorized access to internal network resources, including sensitive administrative interfaces and cloud metadata services (e.g., AWS IMDS, GCP/Azure equivalents). It facilitates arbitrary local file disclosure, potentially exposing critical system configurations, API keys, or other sensitive data, particularly from files structured in block-style DSLs (like nginx or HCL configuration files). Attackers can also use this flaw as a file-existence oracle to enumerate system filesystem layouts and installed software. Furthermore, the forced decompression functionality can be abused to trigger Denial of Service conditions through decompression bombs, exhausting system resources.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Upgrade the <code>css_parser</code> gem to a patched version immediately to remediate CVE-2024-XXXX (CVE ID will be assigned).</li>
<li>Implement strict input validation and sanitization for all CSS content originating from untrusted sources before it is processed by the <code>css_parser</code> library.</li>
<li>Configure network egress filtering to prevent unexpected outbound connections from application servers to internal IP ranges, loopback addresses, or the internet, for processes that should not initiate such connections.</li>
<li>Monitor application logs for unusual URI access attempts, particularly those attempting to access <code>file://</code> schemes or internal HTTP/HTTPS endpoints from CSS processing functions.</li>
</ul>
]]></content:encoded><category domain="severity">medium</category><category domain="type">advisory</category><category>ssrf</category><category>lfi</category><category>supply-chain</category><category>ruby</category><category>vulnerability</category><category>web-application</category></item></channel></rss>