Homepage

weasyprint@47

The Awesome Document Factory

  • latest version

    68.1

  • latest non vulnerable version

    68.1

  • first published

    14 years ago

  • latest version published

    3 months ago

  • licenses detected

  • View weasyprint package health on Snyk  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the weasyprint package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Server-side Request Forgery (SSRF)

    weasyprint is a The Awesome Document Factory

    Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the default_url_fetcher function. An attacker can access internal network resources by exploiting automatic HTTP redirects that are not re-validated against security policies.

    How to fix Server-side Request Forgery (SSRF)?

    Upgrade weasyprint to version 68.0 or higher.

    [0.12,68.0)
    Go back to all versions of this package