DEBIAN-CVE-2019-17626

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

CVE-2019-17626

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

CVE-2019-17626

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

PYSEC-2019-47

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

PYSEC-2019-117

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with '...

UBUNTU-CVE-2019-17626

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

Remote code execution

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

PYSEC-2019-117

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

CVE-2019-17626

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

bookscrape (>=0.0.1.dev1 <=0.0.2b7), codeforlife-portal (>=1.1.1 <=2.28.1) +53 more potentially affected by CVE-2019-17626 via reportlab (>=3.1.44 <=3.5.26)

reportlab PYPI version =3.1.44, =0.0.1.dev1, =1.1.1, =0.7.0, =0.1.0, =0.0.2, =1.1.0, =2.7.0, =2.3.0.18073018, =2.3.0.18070609, =2.3.0.18070422, =0.1.0, =0.733.0, =0.736.0 and more Source cves: CVE-2019-17626 Source advisory: OSV:PYSEC-2019-117...

CVE-2019-17626

Affected software: python-reportlab (ReportLab) prior to 3.5.31. Root causes reported: in colors.py, toColor(eval(arg)) used on crafted XML; in paraparser.py, start_unichar evaluating untrusted input within a unichar element.Impact: remote code execution via crafted XML document. Remediation: upg...

CVE-2019-17626

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

CVE-2019-17626

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

CVE-2019-17626

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

ReportLab Code Execution Vulnerability

ReportLab is an open source engine for creating data-driven PDF documents and custom vector graphics. A code execution vulnerability exists in ReportLab 3.5.26 and earlier versions that can be exploited by remote attackers to execute code...

PT-2019-5892 · Reportlab +4 · Reportlab +4

Name of the Vulnerable Software and Affected Versions: ReportLab versions prior to 3.5.27 Description: The issue is related to the toColorevalarg function in the ReportLab library, which is connected to an error in processing XML documents. This can be exploited by a remote attacker to gain acces...

MDKA-2007:112 : python-reportlab

The python-reportlab package shipped in Mandriva 2008.0 caused xend to crash on each call to the xm tool, for invalid pointer usage in the python interpretter. This update provides version 2.1 and corrects this issue. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the...

Mandriva Update for python-reportlab MDKA-2007:112 (python-reportlab)

Check for the Version of python-reportlab OpenVAS Vulnerability Test Mandriva Update for python-reportlab MDKA-2007:112 python-reportlab Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribut...

Mandriva Update for python-reportlab MDKA-2007:112 (python-reportlab)

Check for the Version of python-reportlab OpenVAS Vulnerability Test Mandriva Update for python-reportlab MDKA-2007:112 python-reportlab Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribut...