
148 matches found

Tenable Nessus
added 2023/10/17 12:0 a.m. | 23 views

RHEL 8 : python-reportlab (RHSA-2023:5789)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5789 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...

CVSS 9.8 | AI score 8.8 | EPSS 0.09484
Exploits: 0 | References: 4

Tenable Nessus
added 2023/10/17 12:0 a.m. | 23 views

RHEL 8 : python-reportlab (RHSA-2023:5787)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5787 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...

CVSS 9.8 | AI score 8.8 | EPSS 0.09484
Exploits: 0 | References: 4

Tenable Nessus
added 2023/10/17 12:0 a.m. | 20 views

RHEL 8 : python-reportlab (RHSA-2023:5786)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5786 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...

CVSS 9.8 | AI score 8.8 | EPSS 0.09484
Exploits: 0 | References: 4

Tenable Nessus
added 2023/10/17 12:0 a.m. | 17 views

RHEL 8 : python-reportlab (RHSA-2023:5790)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5790 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...

CVSS 9.8 | AI score 8.8 | EPSS 0.09484
Exploits: 0 | References: 4

OSV
added 2023/10/17 12:0 a.m. | 28 views

ALSA-2023:5790 Important: python-reportlab security update

Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code execution CVE-2019-19450 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information...

CVSS 9.8 | AI score 9.8 | EPSS 0.09484
Exploits: 0 | References: 4

Tenable Nessus
added 2023/10/13 12:0 a.m. | 26 views

SUSE SLED12 / SLES12 Security Update : python-reportlab (SUSE-SU-2023:4048-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:4048-1 advisory. - paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates...

CVSS 9.8 | AI score 9.2 | EPSS 0.09484
Exploits: 0 | References: 4

OSV
added 2023/10/11 9:28 a.m. | 8 views

SUSE-SU-2023:4048-1 Security update for python-reportlab

This update for python-reportlab fixes the following issues: - CVE-2019-19450: Fixed an issue which allowed remote code execution via startunichar in paraparser.py evaluating untrusted user input. bsc1215560...

CVSS 9.8 | AI score 9.7 | EPSS 0.09484
Exploits: 0 | References: 3

RedHat Linux
added 2023/10/10 4:22 p.m. | 34 views

Important: Red Hat Security Advisory: python-reportlab security update

An update for python-reportlab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

CVSS 9.8 | AI score 7.7 | EPSS 0.09484
Exploits: 0 | References: 2

RedHat Linux
added 2023/10/10 4:22 p.m. | 3 views

python-reportlab: code injection in paraparser.py allows code execution

A code injection vulnerability was found in python-reportlab that may allow an attacker to execute code while parsing a unichar element attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable and could allow remote code execution...

CVSS 9.8 | AI score 6.2 | EPSS 0.09484
Exploits: 0 | References: 4

Tenable Nessus
added 2023/10/10 12:0 a.m. | 39 views

Oracle Linux 7 : python-reportlab (ELSA-2023-5616)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5616 advisory. 2.5-11 - Do not evaluate unichar element - Resolves: RHEL-7011 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVSS 9.8 | AI score 8.2 | EPSS 0.09484
Exploits: 0 | References: 2

Tenable Nessus
added 2023/10/10 12:0 a.m. | 33 views

RHEL 7 : python-reportlab (RHSA-2023:5616)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5616 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...

CVSS 9.8 | AI score 8.8 | EPSS 0.09484
Exploits: 0 | References: 4

Veracode
added 2023/10/08 5:35 a.m. | 27 views

Remote Code Execution (RCE)

python-reportlab is vulnerable to Remote Code Execution RCE. A remote code execution is possible because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with unichar code=" followed by arbitrary Python code...

CVSS 9.8 | AI score 8.3 | EPSS 0.09484
Exploits: 0 | References: 8 | Affected Software: 1

Tenable Nessus
added 2023/10/05 12:0 a.m. | 27 views

openSUSE 15 Security Update : python-reportlab (SUSE-SU-2023:3972-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3972-1 advisory. - paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar elemen...

CVSS 9.8 | AI score 9.1 | EPSS 0.09484
Exploits: 0 | References: 4

Amazon
added 2023/10/05 12:0 a.m. | 32 views

Important: python-reportlab

Issue Overview: paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...

CVSS 9.8 | AI score 10 | EPSS 0.16839
Exploits: 1

Tenable Nessus
added 2023/10/05 12:0 a.m. | 28 views

Amazon Linux 2 : python-reportlab (ALAS-2023-2285)

The version of python-reportlab installed on the remote host is prior to 2.5-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2285 advisory. paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untruste...

CVSS 9.8 | AI score 9.2 | EPSS 0.09484
Exploits: 0 | References: 4

OSV
added 2023/10/04 2:11 p.m. | 4 views

SUSE-SU-2023:3972-1 Security update for python-reportlab

This update for python-reportlab fixes the following issues: - CVE-2019-19450: Fixed an issue which allowed remote code execution via startunichar in paraparser.py evaluating untrusted user input. bsc1215560...

CVSS 9.8 | AI score 9.7 | EPSS 0.09484
Exploits: 0 | References: 3

OpenVAS
added 2023/10/02 12:0 a.m. | 26 views

Debian: Security Advisory (DLA-3590-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8.2 | EPSS 0.09484
Exploits: 1 | References: 4

Tenable Nessus
added 2023/09/30 12:0 a.m. | 20 views

Debian dla-3590 : python-renderpm - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3590 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3590-1 [email protected]...

CVSS 9.8 | AI score 8.5 | EPSS 0.16839
Exploits: 2 | References: 8

OpenVAS
added 2023/07/06 12:0 a.m. | 18 views

Fedora: Security Advisory for python-reportlab (FEDORA-2023-3b82f4aa86)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 7.7 | EPSS 0.28648
Exploits: 6 | References: 2

Tenable Nessus
added 2023/07/05 12:0 a.m. | 15 views

Fedora 37 : python-reportlab (2023-3b82f4aa86)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-3b82f4aa86 advisory. - Release 4.0.4 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

CVSS 7.8 | AI score 6.8 | EPSS 0.28648
Exploits: 6 | References: 2