PT-2026-3446 · Unknown · Weasyprint

Published

2026-01-19

·

Updated

2026-01-21

·

CVE-2025-68616

CVSS v3.1

7.5

High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: WeasyPrint versions prior to 68.0
Description: WeasyPrint is a tool used by web developers to generate PDF documents from HTML and CSS. A server-side request forgery (SSRF) protection bypass exists in WeasyPrint's default URL fetcher (default_url_fetcher) in versions prior to 68.0. A developer who guards against SSRF with a custom url_fetcher that validates the requested URL and then delegates to the default fetcher can still be made to fetch internal network resources, such as localhost services or cloud metadata endpoints. The default fetcher uses urllib, which follows HTTP redirects automatically, so an attacker-supplied external URL (for example an image or stylesheet reference in the rendered HTML) that answers with a 3xx redirect to an internal address is followed without the new destination ever being checked against the developer's policy. The vulnerable component is the default URL fetcher.
Recommendations: Update to WeasyPrint version 68.0 or later. Until the update is applied, a custom url_fetcher should not delegate to the default fetcher after validating the URL; it should perform the request itself with automatic redirects disabled, and either refuse redirects or re-validate every redirect target against the same policy before following it.
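The following is an added example, not WeasyPrint's own code, showing the bypass described above and a fetcher that closes it. It runs offline: a constructed loopback HTTP server stands in for an attacker-controlled site whose /public/logo resource answers with a 302 to an "internal" URL. The policy function, route names and SECRET value are assumptions for the demo (a real policy would reject loopback, link-local and private address ranges by host); the two fetchers only mirror the shape of WeasyPrint's url_fetcher contract, a callable that takes a URL and returns a dict with "string" and "mime_type" keys.

```python
"""Why "validate, then delegate to a redirect-following fetcher" is not an
SSRF control, and a fetcher that re-validates every hop.

Constructed demo, not WeasyPrint code. A loopback HTTP server stands in for
an attacker-controlled site that answers with a 302 to an "internal" URL.
"""
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urljoin, urlparse

# Constructed stand-in for data only an internal service should hold.
SECRET = b"internal-metadata: role credentials (constructed)"


class _DemoHandler(BaseHTTPRequestHandler):
    """Constructed routes: /public/ok is harmless, /public/logo redirects to
    /internal/metadata, which serves SECRET."""

    def do_GET(self):
        if self.path == "/public/ok":
            self._send(200, b"a public image")
        elif self.path == "/public/logo":
            self.send_response(302)
            self.send_header("Location", "/internal/metadata")
            self.end_headers()
        elif self.path == "/internal/metadata":
            self._send(200, SECRET)
        else:
            self._send(404, b"not found")

    def _send(self, code, body):
        self.send_response(code)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # silence request logging
        pass


def start_server():
    """Bind an ephemeral loopback port and serve in a background thread."""
    srv = HTTPServer(("127.0.0.1", 0), _DemoHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def allowed(url):
    """Hypothetical SSRF policy. A production policy would resolve the host
    and reject loopback, link-local (169.254.0.0/16) and private ranges;
    here the forbidden zone is the /internal/ path prefix so the whole demo
    can run against a single loopback server."""
    p = urlparse(url)
    return (p.scheme == "http" and p.hostname == "127.0.0.1"
            and not p.path.startswith("/internal/"))


def vulnerable_fetcher(url):
    """The pattern the advisory describes: check the URL once, then hand it
    to a urllib-based fetcher. urlopen follows the 302 on its own, so the
    redirect target is never checked."""
    if not allowed(url):
        raise ValueError(f"blocked: {url}")
    with urllib.request.urlopen(url) as resp:
        return {"string": resp.read(),
                "mime_type": resp.headers.get_content_type(),
                "redirected_url": resp.geturl()}


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Returning None makes urllib raise HTTPError on 3xx instead of following."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


_opener = urllib.request.build_opener(_NoRedirect)


def hardened_fetcher(url, max_redirects=5):
    """Follow redirects manually so every hop passes the same policy check."""
    for _ in range(max_redirects + 1):
        if not allowed(url):
            raise ValueError(f"blocked: {url}")
        try:
            with _opener.open(url) as resp:
                return {"string": resp.read(),
                        "mime_type": resp.headers.get_content_type(),
                        "redirected_url": url}
        except urllib.error.HTTPError as err:
            if err.code in (301, 302, 303, 307, 308) and "Location" in err.headers:
                url = urljoin(url, err.headers["Location"])  # re-checked next loop
                continue
            raise
    raise ValueError("too many redirects")


def run_demo():
    """Run both fetchers against the constructed server and report the outcome."""
    srv = start_server()
    base = f"http://127.0.0.1:{srv.server_address[1]}"
    try:
        leaked = vulnerable_fetcher(base + "/public/logo")["string"]
        legit = hardened_fetcher(base + "/public/ok")["string"]
        try:
            hardened_fetcher(base + "/public/logo")
            refusal = None
        except ValueError as err:
            refusal = str(err)
        return {"leaked": leaked, "legit": legit, "refusal": refusal}
    finally:
        srv.shutdown()
        srv.server_close()


if __name__ == "__main__":
    out = run_demo()
    print("vulnerable fetcher returned:", out["leaked"])
    print("hardened fetcher on allowed resource:", out["legit"])
    print("hardened fetcher on redirecting resource:", out["refusal"])
```

The hardened fetcher disables urllib's automatic redirect handling and walks the redirect chain itself, so the Location of each hop goes through allowed() before a request is issued; this is the behaviour a custom url_fetcher needs whether it wraps urllib or another HTTP client.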

Exploit

Fix

SSRF

Open Redirect


Related Identifiers

CVE-2025-68616
GHSA-983W-RHVV-GWMV
OPENSUSE-SU-2026:10079-1
OPENSUSE-SU-2026:20069-1

Affected Products

Weasyprint