279 matches found
Important: python-reportlab security update
Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information...
RHEL 8 : python-reportlab (RHSA-2023:5789)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5789 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
RHEL 8 : python-reportlab (RHSA-2023:5787)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5787 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
RHEL 8 : python-reportlab (RHSA-2023:5788)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5788 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
RHEL 8 : python-reportlab (RHSA-2023:5786)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5786 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
RHEL 8 : python-reportlab (RHSA-2023:5790)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5790 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
ALSA-2023:5790 Important: python-reportlab security update
Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information...
SUSE SLED12 / SLES12 Security Update : python-reportlab (SUSE-SU-2023:4048-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:4048-1 advisory. - paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates...
SUSE-SU-2023:4048-1 Security update for python-reportlab
This update for python-reportlab fixes the following issues: - CVE-2019-19450: Fixed an issue which allowed remote code execution via startunichar in paraparser.py evaluating untrusted user input. bsc1215560...
python-reportlab security update
2.5-11 - Do not evaluate unichar element - Resolves: RHEL-7011...
Important: Red Hat Security Advisory: python-reportlab security update
An update for python-reportlab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabili...
python-reportlab: code injection in paraparser.py allows code execution
A code injection vulnerability was found in python-reportlab that may allow an attacker to execute code while parsing a unichar element attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable and could allow remote code execution...
Oracle Linux 7 : python-reportlab (ELSA-2023-5616)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5616 advisory. 2.5-11 - Do not evaluate unichar element - Resolves: RHEL-7011 Tenable has extracted the preceding description block directly from the Oracle Linux security...
RHEL 7 : python-reportlab (RHSA-2023:5616)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5616 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
Remote Code Execution (RCE)
python-reportlab is vulnerable to Remote Code Execution (RCE). Remote code execution is possible because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code...
openSUSE 15 Security Update : python-reportlab (SUSE-SU-2023:3972-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3972-1 advisory. - paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar elemen...
Amazon Linux 2 : python-reportlab (ALAS-2023-2285)
The version of python-reportlab installed on the remote host is prior to 2.5-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2285 advisory. paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untruste...
Important: python-reportlab
Issue Overview: paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
SUSE-SU-2023:3972-1 Security update for python-reportlab
This update for python-reportlab fixes the following issues: - CVE-2019-19450: Fixed an issue which allowed remote code execution via startunichar in paraparser.py evaluating untrusted user input. bsc1215560...
Debian: Security Advisory (DLA-3590-1)
The remote host is missing an update for the Debian...