


Perceptive Security
SOC/SIEM Consultancy

WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery (SSRF) protection bypass exists in WeasyPrint's `d…
Published:
18 January 2026 at 23:00:00
Alert date:
19 January 2026 at 17:02:28
Source:
nvd.nist.gov
Web Technologies, Supply Chain & Dependencies
A server-side request forgery (SSRF) protection bypass exists in WeasyPrint's `default_url_fetcher` prior to version 68.0. The underlying `urllib` client follows HTTP redirects automatically, so a URL that passes a custom `url_fetcher`'s checks can redirect to a destination that was never validated against that policy. An attacker who controls a resource URL in a rendered document can therefore reach internal network resources, including localhost services and cloud metadata endpoints, even where the developer has wrapped the fetcher with their own security controls. The result is unauthorized access to internal systems and sensitive cloud metadata. Version 68.0 includes a patch that addresses this vulnerability.
Technical details
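The following is an added example, not code from WeasyPrint or from the advisory. It contrasts a fetcher that validates only the URL it is handed (the pattern the advisory describes as bypassable) with one that re-validates every redirect hop. The blocklist of address ranges, the helper names, and the in-memory "server" that stands in for the network are assumptions made for this example; `fetch_hop_urllib` shows the same single-hop behaviour against Python's real `urllib`, but is not exercised offline.

```python
# Added example, not WeasyPrint's own code. Shows why validating only the
# first URL is bypassed by a redirect, and how to re-validate every hop.
# Blocklist, helper names and the in-memory FAKE_SERVER are assumptions.
import ipaddress
import socket
import urllib.error
import urllib.request
from urllib.parse import urljoin, urlparse

REDIRECT_CODES = (301, 302, 303, 307, 308)

# Destinations a PDF renderer must never reach on the server's behalf.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16",   # link-local; includes the 169.254.169.254 metadata service
    "::1/128", "fc00::/7", "fe80::/10",
)]

def resolve_host(host):
    """IP addresses for host; IP literals are accepted without a DNS lookup."""
    try:
        return [ipaddress.ip_address(host)]
    except ValueError:
        return [ipaddress.ip_address(ai[4][0]) for ai in socket.getaddrinfo(host, None)]

def is_safe_url(url, resolver=resolve_host):
    """Policy check for ONE URL: http(s) only and no address in a blocked range."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        addrs = resolver(parts.hostname)
    except (OSError, ValueError):
        return False  # unresolvable hosts are rejected, not waved through
    return not any(addr in net for addr in addrs for net in BLOCKED_NETWORKS)

# Constructed stand-in for the network: url -> (status, Location or body).
# 203.0.113.10 (a documentation address) plays the attacker's public host.
FAKE_SERVER = {
    "http://203.0.113.10/logo.png": (302, "http://169.254.169.254/latest/meta-data/"),
    "http://169.254.169.254/latest/meta-data/": (200, b"ami-id\ninstance-id\n"),
    "http://203.0.113.10/real.png": (200, b"\x89PNG"),
}

def fetch_hop(url, transport=FAKE_SERVER):
    """Exactly one request, no redirect following; returns (status, payload)."""
    return transport[url]

def naive_fetcher(url, transport=FAKE_SERVER, max_redirects=5):
    """Checks the start URL once, then lets redirects run unchecked (the bug)."""
    if not is_safe_url(url):
        raise ValueError(f"blocked by policy: {url}")
    for _ in range(max_redirects + 1):
        status, payload = fetch_hop(url, transport)
        if status in REDIRECT_CODES:
            url = urljoin(url, payload)  # new destination is never re-validated
            continue
        return url, payload
    raise ValueError("too many redirects")

def hardened_fetcher(url, transport=FAKE_SERVER, max_redirects=5):
    """Applies the policy to every hop, so a redirect cannot escape it."""
    for _ in range(max_redirects + 1):
        if not is_safe_url(url):
            raise ValueError(f"blocked by policy: {url}")
        status, payload = fetch_hop(url, transport)
        if status in REDIRECT_CODES:
            url = urljoin(url, payload)
            continue
        return url, payload
    raise ValueError("too many redirects")

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Make urllib raise on 3xx instead of silently following it."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None

def fetch_hop_urllib(url, timeout=10):
    """Real single-hop request (not exercised offline); drop-in for fetch_hop."""
    opener = urllib.request.build_opener(_NoRedirect())
    try:
        with opener.open(url, timeout=timeout) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        if err.code in REDIRECT_CODES:
            return err.code, err.headers.get("Location", "")
        raise

def demo(url):
    """Where each fetcher ends up for the same start URL."""
    results = {}
    for name, fetcher in (("naive", naive_fetcher), ("hardened", hardened_fetcher)):
        try:
            results[name] = fetcher(url)[0]
        except ValueError as err:
            results[name] = str(err)
    return results
```

Running `demo("http://203.0.113.10/logo.png")` shows the naive fetcher ending on the metadata URL while the hardened one stops at the first redirect hop that fails policy. To use this pattern in WeasyPrint, wrap `hardened_fetcher` (with `fetch_hop_urllib` in place of the in-memory transport) in a function with the `url_fetcher` signature and return the `string`/`mime_type` dictionary that WeasyPrint's documentation describes; validating the URL and then delegating to `default_url_fetcher` reproduces the bypass on versions before 68.0, because the redirect is followed inside that call. Independently of this advisory, a host that resolves to a public address at check time and to an internal one at connect time (DNS rebinding) defeats any resolve-then-connect check, so pin the validated address when connecting if that matters in your environment.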
Mitigation steps:
Upgrade WeasyPrint to version 68.0 or later, which contains the fix. Until then, a custom url_fetcher must not rely on validating only the initial URL: perform the request with automatic redirects disabled and apply the same destination checks to every Location target before following it.
Affected products:
WeasyPrint
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2025-68616
https://github.com/Kozea/WeasyPrint/commit/b6a14f0f3f4ce9c0c75c1a2d73cb1c5d43f0e565
https://github.com/Kozea/WeasyPrint/security/advisories/GHSA-983w-rhvv-gwmv
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
