# F-DIST-PROXY-SSRF-001 fix summary

issue: Pull-Through Cache Credential Exfiltration via WWW-Authenticate Realm

fix approach:
- apply the recommended fix to address the vulnerability

repro:
```bash
unzip -q -o poc.zip -d poc && cd poc/poc-F-DIST-PROXY-SSRF-001 && make verify
```

notes:
- deterministic PoC verified. see poc.zip → make verify.
- e2e.zip: not included