Product
The `css_parser` library, specifically in versions up to and including 2.2.0, is vulnerable to Server-Side Request Forgery (SSRF) and local file disclosure through improper URI validation in the `CssParser::Parser#read_remote_file` method, allowing attackers to access internal network resources or read local files when processing attacker-controlled CSS.