Fedora 30 : python-reportlab (2020-d2fb999600)
Release 3.5.34. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. (C) Tenable Network Security, Inc. Th...
[SECURITY] Fedora 30 Update: python-reportlab-3.5.34-2.fc30
This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats...
python-reportlab: code injection in colors.py allows attacker to execute code
A code injection vulnerability in python-reportlab allows an attacker to execute code while parsing a color attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable to this flaw and allow remote code execution...
Important: Red Hat Security Advisory: python-reportlab security update
An update for python-reportlab is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabili...
Scientific Linux Security Update : python-reportlab on SL7.x x86_64 (20200122)
Security Fixes : - python-reportlab: code injection in colors.py allows attacker to execute code (CVE-2019-17626) (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific Linux...
Scientific Linux Security Update : python-reportlab on SL6.x i386/x86_64 (20200121)
Security Fixes : - python-reportlab: code injection in colors.py allows attacker to execute code (CVE-2019-17626) (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific Linux...
RHEL 8 : python-reportlab (RHSA-2020:0201)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0201 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in colors.py allows attacker to...
Oracle Linux 8 : python-reportlab (ELSA-2020-0201)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-0201 advisory. 3.4.0-6.el810.2 - Fix Requires for doc subpackage - Resolves: 1788556 3.4.0-6.el810.1 - Do not eval strings passed to toColor - Resolves: 1788555 Tenable has...
Oracle Linux 7 : python-reportlab (ELSA-2020-0195)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0195 advisory. 2.5-9.el77.1 - Do not eval strings passed to toColor - Resolves: 1788552 2.5-9 - Mass rebuild 2014-01-24 2.5-8 - Mass rebuild 2013-12-27 2.5-7 - Rebuilt for...
Oracle Linux 6 : python-reportlab (ELSA-2020-0197)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0197 advisory. 2.3-3.el610.1 - Do not eval strings passed to toColor - Resolves: 1788551 Tenable has extracted the preceding description block directly from the Oracle Linux...
python-reportlab security update
2.5-9.el77.1 - Do not eval strings passed to toColor - Resolves: 1788552 2.5-9 - Mass rebuild 2014-01-24 2.5-8 - Mass rebuild 2013-12-27 2.5-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora19MassRebuild 2.5-6 - Add a dep on python-imaging to process images 2.5-5 - Rebuilt for...
RHEL 7 : python-reportlab (RHSA-2020:0195)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0195 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in colors.py allows attacker to...
RHEL 6 : python-reportlab (RHSA-2020:0197)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0197 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in colors.py allows attacker to...
python-reportlab security update
3.4.0-6.el810.2 - Fix Requires for doc subpackage - Resolves: 1788556 3.4.0-6.el810.1 - Do not eval strings passed to toColor - Resolves: 1788555...
Important: Red Hat Security Advisory: python-reportlab security update
An update for python-reportlab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabili...
python-reportlab: code injection in colors.py allows attacker to execute code
A code injection vulnerability in python-reportlab allows an attacker to execute code while parsing a color attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable to this flaw and allow remote code execution...
python-reportlab: code injection in colors.py allows attacker to execute code
A code injection vulnerability in python-reportlab allows an attacker to execute code while parsing a color attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable to this flaw and allow remote code execution...
Important: Red Hat Security Advisory: python-reportlab security update
An update for python-reportlab is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabili...
python-reportlab security update
2.3-3.el610.1 - Do not eval strings passed to toColor - Resolves: 1788551...
Remote Code Execution
ReportLab is vulnerable to remote code execution. This is due to the usage of toColor(eval(arg)) in colors.py, allowing a remote attacker to execute arbitrary Python code using a malicious XML document that utilizes '<span color="' followed by arbitrary Python code...