NewStart CGSL MAIN 4.05 : python-reportlab Vulnerability (NS-SA-2020-0021)

The remote NewStart CGSL host, running version MAIN 4.05, has python-reportlab packages installed that are affected by a vulnerability: - ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with ' %NASLMINLEVEL...

NewStart CGSL CORE 5.04 / MAIN 5.04 : python-reportlab Vulnerability (NS-SA-2020-0012)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-reportlab packages installed that are affected by a vulnerability: - ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with '...

Debian DLA-2112-1 : python-reportlab security update

It was found that ReportLab, a Python library to create PDF documents, did not properly parse color strings, allowing an attacker to execute arbitrary code through a crafted input document. For Debian 8 'Jessie', this problem has been fixed in version 3.1.8-3+deb8u2. We recommend that you upgrade...

Huawei EulerOS: Security Advisory for python-reportlab (EulerOS-SA-2020-1129)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : python-reportlab (EulerOS-SA-2020-1129)

According to the version of the python-reportlab package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Python PDF generation library.Security Fixes:ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py,...

Debian: Security Advisory (DLA-2112-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2112-1] python-reportlab security update

Package : python-reportlab Version : 3.1.8-3+deb8u2 CVE ID : CVE-2019-17626 Debian Bug : 942763 It was found that ReportLab, a Python library to create PDF documents, did not properly parse color strings, allowing an attacker to execute arbitrary code through a crafted input document. For Debian ...

DLA-2112-1 python-reportlab - security update

Bulletin has no description...

Amazon Linux 2 : python-reportlab (ALAS-2020-1390)

The version of python-reportlab installed on the remote host is prior to 2.5-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1390 advisory. ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted X...

Ubuntu: Security Advisory (USN-4273-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4273-1: ReportLab vulnerability

It was discovered that ReportLab incorrectly handled certain XML documents. If a user or automated system were tricked into processing a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary code...

SUSE-SU-2020:0324-1 Security update for python-reportlab

This update for python-reportlab fixes the following issues: - CVE-2019-17626: Fixed a potential remote code execution because of the lack of input sanitization in toColor bsc1154370...

openSUSE: Security Advisory for python-reportlab (openSUSE-SU-2020:0160-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : python-reportlab (openSUSE-2020-160)

This update for python-reportlab fixes the following issues : - CVE-2019-17626: Fixed a potential remote code execution because of the lack of input sanitization in toColor bsc1154370. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The...

OPENSUSE-SU-2020:0160-1 Security update for python-reportlab

This update for python-reportlab fixes the following issues: - CVE-2019-17626: Fixed a potential remote code execution because of the lack of input sanitization in toColor bsc1154370. This update was imported from the SUSE:SLE-15:Update update project...

Security update for python-reportlab (important)

openSUSE Security Update: Security update for python-reportlab Announcement ID: openSUSE-SU-2020:0160-1 Rating: important References: 1154370 Cross-References: CVE-2019-17626 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update fo...

Fedora 31 : python-reportlab (2020-f3e0ba2f79)

Release 3.5.34 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc. Th...

Fedora: Security Advisory for python-reportlab (FEDORA-2020-f3e0ba2f79)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CentOS 7 : python-reportlab (RHSA-2020:0195)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0195 advisory. - ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color='...

SUSE SLED15 / SLES15 Security Update : python-reportlab (SUSE-SU-2020:0255-1)

This update for python-reportlab fixes the following issues : CVE-2019-17626: Fixed a potential remote code execution because of the lack of input sanitization in toColor bsc1154370. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...