Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2019-19450HistorySep 20, 2023 - 2:15 p.m.
CVE-2019-19450
2023-09-2014:15:12
Debian Security Bug Tracker
security-tracker.debian.org
21
cve-2019-19450
reportlab
remote code execution
paraparser
xml document
unichar element
0.006 Low
EPSS
Percentile
78.8%
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with ‘<unichar code="’ followed by arbitrary Python code, a similar issue to CVE-2019-17626.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | python-reportlab | < 3.5.31-1 | python-reportlab_3.5.31-1_all.deb |
| Debian | 11 | all | python-reportlab | < 3.5.31-1 | python-reportlab_3.5.31-1_all.deb |
| Debian | 10 | all | python-reportlab | < 3.5.13-1+deb10u2 | python-reportlab_3.5.13-1+deb10u2_all.deb |
| Debian | 999 | all | python-reportlab | < 3.5.31-1 | python-reportlab_3.5.31-1_all.deb |
| Debian | 13 | all | python-reportlab | < 3.5.31-1 | python-reportlab_3.5.31-1_all.deb |
Related
nessus
nessus
Oracle Linux 7 : python-reportlab (ELSA-2023-5616)
2023-10-10 00:00:00
Fedora 39 : python-reportlab (2024-6ec4e78241)
2024-04-28 00:00:00
CentOS 8 : python-reportlab (CESA-2023:5790)
2024-02-08 00:00:00
cve
cve
CVE-2019-19450
2023-09-20 14:15:12
CVE-2019-17626
2019-10-16 12:15:12
redhatcve
redhatcve
CVE-2019-19450
2023-09-22 04:54:14
CVE-2019-17626
2020-01-27 10:06:47
osv
osv
ReportLab vulnerable to remote code execution via paraparser
2023-09-20 15:30:51
Important: python-reportlab security update
2023-10-17 00:00:00
PYSEC-2019-117
2019-10-16 12:15:00
cvelist
cvelist
CVE-2019-19450
2023-09-20 00:00:00
CVE-2019-17626
2019-10-16 11:29:38
amazon
amazon
Important: python-reportlab
2023-09-27 22:49:00
Important: python-reportlab
2020-02-05 16:34:00
ubuntucve
ubuntucve
CVE-2019-19450
2023-09-20 00:00:00
CVE-2019-17626
2019-10-16 00:00:00
prion
prion
Remote code execution
2023-09-20 14:15:00
Remote code execution
2019-10-16 12:15:00
github
github
ReportLab vulnerable to remote code execution via paraparser
2023-09-20 15:30:51
XML Injection in ReportLab
2022-05-24 22:00:57
openvas
openvas
Debian: Security Advisory (DLA-3590-1)
2023-10-02 00:00:00
CentOS: Security Advisory for python-reportlab (CESA-2023:5616)
2024-03-05 00:00:00
openSUSE: Security Advisory for python (SUSE-SU-2023:3972-1)
2024-03-04 00:00:00
almalinux
almalinux
Important: python-reportlab security update
2023-10-17 00:00:00
redhat
redhat
(RHSA-2023:5616) Important: python-reportlab security update
2023-10-10 14:35:13
(RHSA-2023:5787) Important: python-reportlab security update
2023-10-17 13:33:05
(RHSA-2023:5786) Important: python-reportlab security update
2023-10-17 13:32:35
centos
centos
python security update
2024-02-20 14:49:49
python security update
2020-01-28 21:23:46
python security update
2020-01-28 21:28:12
fedora
fedora
[SECURITY] Fedora 40 Update: python-reportlab-4.2.0-1.fc40
2024-04-28 03:18:20
[SECURITY] Fedora 39 Update: python-reportlab-4.2.0-1.fc39
2024-04-28 03:29:47
[SECURITY] Fedora 30 Update: python-reportlab-3.5.34-2.fc30
2020-01-26 01:01:16
oraclelinux
oraclelinux
python-reportlab security update
2023-10-19 00:00:00
python-reportlab security update
2023-10-11 00:00:00
python-reportlab security update
2020-01-22 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2023-10-08 05:35:22
Remote Code Execution
2019-10-17 03:15:30
gentoo
gentoo
ReportLab: Arbitrary code execution
2020-07-27 00:00:00
ubuntu
ubuntu
ReportLab vulnerability
2020-02-06 00:00:00
mageia
mageia
Updated python-reportlab packages fix security vulnerability
2020-01-28 10:52:40
debian
debian
[SECURITY] [DSA 4663-1] python-reportlab security update
2020-04-25 09:51:45
debiancve
debiancve
CVE-2019-17626
2019-10-16 12:15:12
redos
redos
ROS-20240524-02
2024-05-24 00:00:00