Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2020-28463

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of package reportlab are vulnerable to Server-side Request Forgery SSRF via img tags. In order to reduce risk, use trustedSchemes & trustedHosts se...

6.5CVSS6.5AI score0.01487EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.20 views

RHEL 8 : quay_quay-rhel8 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-reportlab: Server-side request forgery via img tags CVE-2020-28463 Note that Nessus has not tested for this...

6.5CVSS6.7AI score0.01487EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/10/02 12:0 a.m.26 views

Debian: Security Advisory (DLA-3590-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.04452EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.3 views

SUSE CVE-2020-28463

All versions of package reportlab are vulnerable to Server-side Request Forgery SSRF via img tags. In order to reduce risk, use trustedSchemes & trustedHosts see in Reportlab's documentation Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos ...

5CVSS7.7AI score0.01487EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/10/30 12:0 a.m.24 views

Fedora: Security Advisory for python-reportlab (FEDORA-2021-04bfae8300)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.9AI score0.01487EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/09/24 12:0 a.m.34 views

SUSE SLED12 / SLES12 Security Update : python-reportlab (SUSE-SU-2021:3209-1)

The remote SUSE Linux SLED12 / SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:3209-1 advisory. - CVE-2020-28463: Fixed Server-side Request Forgery via img tags bsc1182503. - Add missing import in CVE-2020-28463 fix bsc1190110. Tenable has...

6.5CVSS6.8AI score0.01487EPSS
Exploits1References5
OSV
OSV
added 2021/09/23 2:20 p.m.4 views

SUSE-SU-2021:3209-1 Security update for python-reportlab

This update for python-reportlab fixes the following issues: - CVE-2020-28463: Fixed Server-side Request Forgery via img tags bsc1182503. - Add missing import in CVE-2020-28463 fix bsc1190110...

6.5CVSS6.8AI score0.01487EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/08/14 12:0 a.m.34 views

openSUSE 15 Security Update : python-reportlab (openSUSE-SU-2021:1147-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1147-1 advisory. - All versions of package reportlab are vulnerable to Server-side Request Forgery SSRF via img tags. In order to reduce risk, use trustedSchemes &...

6.5CVSS6.6AI score0.01487EPSS
Exploits1References4
OSV
OSV
added 2021/08/13 4:5 a.m.3 views

OPENSUSE-SU-2021:1147-1 Security update for python-reportlab

This update for python-reportlab fixes the following issues: - CVE-2020-28463: Fixed Server-side Request Forgery via img tags bsc1182503. This update was imported from the SUSE:SLE-15:Update update project...

6.5CVSS6.5AI score0.01487EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/08/13 12:0 a.m.15 views

openSUSE: Security Advisory for python-reportlab (openSUSE-SU-2021:1147-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.8AI score0.01487EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.34 views

openSUSE 15 Security Update : python-reportlab (openSUSE-SU-2021:2641-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2641-1 advisory. - All versions of package reportlab are vulnerable to Server-side Request Forgery SSRF via img tags. In order to reduce risk, use trustedSchemes &...

6.5CVSS6.6AI score0.01487EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/08/10 12:0 a.m.16 views

openSUSE: Security Advisory for python-reportlab (openSUSE-SU-2021:2641-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.8AI score0.01487EPSS
Exploits1References2
NVD
NVD
added 2021/02/18 4:15 p.m.19 views

CVE-2020-28463

All versions of package reportlab are vulnerable to Server-side Request Forgery SSRF via img tags. In order to reduce risk, use trustedSchemes & trustedHosts see in Reportlab's documentation Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos ...

6.5CVSS0.01487EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2021/02/18 4:15 p.m.8 views

angleview (=0.0.0.dev1), bacant (=3.4.0) +61 more potentially affected by CVE-2020-28463 via reportlab (>=3.1.44 <=3.5.53)

reportlab PYPI version =3.1.44, =0.0.1.dev1, =1.1.1, =1.0.0, =2.0.1.16012810, =2.0.1.16012810, =2.0.1.16012810, =0.7.0, =0.1.0, =0.0.2, =1.1.0, =1.3.0 - invenio-testing =0.1.1 and more Source cves: CVE-2020-28463 Source advisory: OSV:PYSEC-2021-146...

6.5CVSS6.7AI score0.01487EPSS
Exploits1
CVE
CVE
added 2021/02/18 4:0 p.m.195 views

CVE-2020-28463

CVE-2020-28463 affects the Python ReportLab library and describes a Server-Side Request Forgery (SSRF) via img tags. The connected documents confirm the vulnerability, its SSRF nature via image tags, and mitigation guidance to reduce risk by using trustedSchemes and trustedHosts (as documented by...

6.5CVSS6.6AI score0.01487EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2021/02/18 4:0 p.m.38 views

CVE-2020-28463 Server-side Request Forgery (SSRF)

All versions of package reportlab are vulnerable to Server-side Request Forgery SSRF via img tags. In order to reduce risk, use trustedSchemes & trustedHosts see in Reportlab's documentation Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos ...

6.5CVSS6.6AI score0.01487EPSS
Exploits1References5
Rows per page
Query Builder