CVE-2025-68616: WeasyPrint Vulnerable to Server-Side Request Forgery (SSRF) Protection Bypass via HTTP Redirect
WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery (SSRF) protection bypass exists in WeasyPrint's `default_url_fetcher`. The vulnerability allows attackers to access internal network resources (such as `localhost` services or cloud metadata endpoints) even when a developer has implemented a custom `url_fetcher` to block such access. This occurs because the underlying `urllib` library follows HTTP redirects automatically without re-validating the new destination against the developer's security policy. Version 68.0 contains a patch for the issue.
Security readout for executives and security teams
Plain-English summary
WeasyPrint before 68.0 can be tricked into fetching internal URLs during PDF generation if a blocked URL redirects to an internal target. This can expose sensitive internal services or cloud metadata when applications render attacker-controlled or untrusted HTML into PDFs.
Executive priority
Prioritize remediation for internet-facing or multi-tenant PDF generation services. The business risk is unauthorized internal data exposure, not broad system takeover, but cloud metadata or internal admin services can make impact significant.
Technical view
The issue is an SSRF protection bypass in WeasyPrint's default_url_fetcher. Developer-supplied filtering can block the original URL, but urllib follows HTTP redirects automatically and the redirected destination is not revalidated against that policy. Version 68.0 patches the issue.
Likely exposure
Exposure is most likely where WeasyPrint prior to 68.0 renders untrusted HTML, templates, or user-controlled URLs, especially in environments with access to internal services, localhost-only endpoints, or cloud metadata services.
Exploitation context
The bundle marks KEV as false, and the provided sources do not establish active exploitation. The attack requires an application path that lets an attacker influence resources fetched by WeasyPrint during PDF generation.
Researcher notes
Evidence supports CWE-918 SSRF and CWE-601 redirect behavior. The key defensive question is whether redirects are evaluated against the same allow or deny policy as the original URL. The provided evidence does not include exploit prevalence.
Mitigation direction
Upgrade WeasyPrint to version 68.0 or later.
Check vendor or distribution guidance for packaged WeasyPrint builds.
Restrict PDF rendering workloads from reaching internal services where possible.
Review custom url_fetcher logic for redirect destination validation assumptions.
Validation and detection
Inventory applications and containers using WeasyPrint versions before 68.0.
Identify PDF generation paths that process untrusted HTML or external resources.
Confirm deployed packages resolve to WeasyPrint 68.0 or a patched downstream build.
Review tests to ensure redirected destinations are revalidated by policy.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · medium confidence lookup
CWE-601: User-session and phishing behavior lookup
Client-side and session-facing weaknesses should be reviewed alongside initial-access and user-execution behaviors. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
CWE-918: Information exposure and cloud metadata lookup
Information exposure and SSRF weaknesses can make discovery, cloud metadata, and credential material review relevant. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
The CVE wording references SSRF or metadata access, so cloud discovery and credential material review may help. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-601 · source CWE mapping
URL Redirection to Untrusted Site ('Open Redirect')
URL Redirection to Untrusted Site ('Open Redirect') represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.
Server-Side Request Forgery (SSRF) represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.