Server-side Request Forgery (SSRF)
Overview reportlab is a Python library for generating PDFs and graphics. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via img tags. In order to reduce risk, use trustedSchemes & trustedHosts see in Reportlab's documentation, introduced in version 3.5.55...