Anonymous Intelligence Signal

SSRF Defenses Bypassed via IPv6 Transition Prefixes, Multiple CVEs Linked to NAT64 Gaps

Author: The Lab (human) | Status: unverified | 2026-05-09 20:01:44 | Source: GitHub Issues

A defense-in-depth update has identified five IPv6 transition and reserved prefixes that can bypass traditional SSRF protections, including NAT64-wrapped routes to internal metadata services. The blocked ranges are the 6to4 prefix, the Teredo tunneling prefix, the NAT64 well-known and local-use prefixes, and a discard-only sinkhole prefix, each of which can wrap or route to an IPv4 address that a standard, IPv4-only SSRF filter fails to catch.

The update follows research revealing that several recent SSRF CVEs and a disclosed HackerOne bounty against Ruby's `ssrf_filter` library exploited a specific gap: libraries blocking the NAT64 well-known prefix `64:ff9b::/96` but missing the RFC 8215 local-use prefix `64:ff9b:1::/48`. On hosts configured to route the local-use prefix, attackers could reach internal IPv4 endpoints through IPv6 wrapping, completely bypassing existing filters. The finding underscores how incomplete prefix coverage in SSRF validators creates exploitable blind spots, particularly in environments with IPv6-only deployments or dual-stack configurations.

The hardening adds these prefixes to `PRIVATE_IP_RANGES`, introduces an operator opt-in for IPv6-only infrastructure, and implements NAT64-wrapped IMDS hardening across both validators. Cloud-native architectures relying on Instance Metadata Services (IMDS) face heightened exposure when SSRF filters fail to account for IPv6 transition mechanisms. The update signals a broader recognition that legacy IPv4-centric SSRF defenses are insufficient in modern network topologies, where tunneling protocols and translation prefixes create alternate paths to restricted resources. Organizations running dual-stack or IPv6-only deployments should audit SSRF filter configurations against the full set of transition prefixes to identify potential bypass vectors.
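The gap described above (a filter that blocks `64:ff9b::/96` but not `64:ff9b:1::/48`) and the hardened behaviour (all five transition prefixes refused, plus a check on the IPv4 address wrapped inside a NAT64 or tunnel address so that an IMDS target stays blocked even when an IPv6-only operator opts in to NAT64), as an added Python example that is not the project's own code. The prefix values come from the RFCs, not from the article; `PRIVATE_V4`, `LOCAL_V6`, both function names and the semantics of the `ipv6_only_opt_in` flag are assumptions made for this illustration.

```python
import ipaddress

# Constructed deny-list of IPv4 targets an SSRF filter must refuse (RFC 1918,
# loopback, link-local including the 169.254.169.254 IMDS endpoint). Sample
# data, not the project's own PRIVATE_IP_RANGES.
PRIVATE_V4 = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# The five transition/reserved prefixes named in the article; values from the RFCs.
NAT64_WELL_KNOWN = ipaddress.ip_network("64:ff9b::/96")   # RFC 6052
NAT64_LOCAL_USE = ipaddress.ip_network("64:ff9b:1::/48")  # RFC 8215
SIX_TO_FOUR = ipaddress.ip_network("2002::/16")           # RFC 3056
TEREDO = ipaddress.ip_network("2001::/32")                # RFC 4380
DISCARD_ONLY = ipaddress.ip_network("100::/64")           # RFC 6666
TRANSITION = (NAT64_WELL_KNOWN, NAT64_LOCAL_USE, SIX_TO_FOUR, TEREDO, DISCARD_ONLY)

# Ordinary local IPv6 ranges that both filters already refuse (assumed list).
LOCAL_V6 = [ipaddress.ip_network(n) for n in
            ("fc00::/7", "::1/128", "fe80::/10", "::ffff:0:0/96")]


def embedded_ipv4(target):
    """Recover the IPv4 address wrapped inside a transition address, or None.
    The RFC 8215 /48 is deliberately not decoded: operators may embed the IPv4
    at different offsets inside it, so the hardened filter refuses it outright."""
    v6 = ipaddress.ip_address(target)
    b = v6.packed
    if v6 in NAT64_WELL_KNOWN:        # RFC 6052 /96 form: IPv4 in the low 32 bits
        return ipaddress.IPv4Address(b[12:16])
    if v6 in SIX_TO_FOUR:             # 2002:WWXX:YYZZ::/48: IPv4 in bits 16..47
        return ipaddress.IPv4Address(b[2:6])
    if v6 in TEREDO:                  # client IPv4 in the low 32 bits, XOR 0xFFFFFFFF
        return ipaddress.IPv4Address(bytes(x ^ 0xFF for x in b[12:16]))
    return None


def weak_is_blocked(target):
    """Pre-fix behaviour: the well-known NAT64 prefix is blocked, the RFC 8215 one is not."""
    ip = ipaddress.ip_address(target)
    if ip.version == 4:
        return any(ip in n for n in PRIVATE_V4)
    return ip in NAT64_WELL_KNOWN or any(ip in n for n in LOCAL_V6)


def hardened_is_blocked(target, ipv6_only_opt_in=False):
    """Refuse every transition prefix. With the (assumed) IPv6-only opt-in, allow
    NAT64 only towards public IPv4, so a NAT64-wrapped IMDS address is still refused."""
    ip = ipaddress.ip_address(target)
    if ip.version == 4:
        return any(ip in n for n in PRIVATE_V4)
    if any(ip in n for n in LOCAL_V6):
        return True
    inner = embedded_ipv4(ip)
    if inner is not None and any(inner in n for n in PRIVATE_V4):
        return True                   # wrapped IMDS / RFC 1918 target: always blocked
    if ipv6_only_opt_in and ip in NAT64_WELL_KNOWN:
        return False                  # operator-approved NAT64 to a public IPv4 host
    return any(ip in n for n in TRANSITION)
```

Resolve the hostname first and run every resulting address (A and AAAA records alike) through the check; a filter that only inspects the literal URL host is bypassed by DNS.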