284 matches found
Important: Red Hat Security Advisory: python-reportlab security update
An update for python-reportlab is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: python-reportlab security update
An update for python-reportlab is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
python-reportlab: code injection in paraparser.py allows code execution
A code injection vulnerability was found in python-reportlab that may allow an attacker to execute code while parsing a unichar element attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable and could allow remote code execution...
ALSA-2023:5790 Important: python-reportlab security update
Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code execution CVE-2019-19450 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information...
RHEL 8 : python-reportlab (RHSA-2023:5788)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5788 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
RHEL 8 : python-reportlab (RHSA-2023:5787)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5787 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
RHEL 8 : python-reportlab (RHSA-2023:5790)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5790 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
RHEL 8 : python-reportlab (RHSA-2023:5789)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5789 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
RHEL 8 : python-reportlab (RHSA-2023:5786)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5786 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
Important: python-reportlab security update
Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code execution CVE-2019-19450 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information...
SUSE SLED12 / SLES12 Security Update : python-reportlab (SUSE-SU-2023:4048-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:4048-1 advisory. - CVE-2019-19450: Fixed an issue which allowed remote code execution via startunichar in paraparser.py evaluating...
SUSE-SU-2023:4048-1 Security update for python-reportlab
This update for python-reportlab fixes the following issues: - CVE-2019-19450: Fixed an issue which allowed remote code execution via startunichar in paraparser.py evaluating untrusted user input. bsc1215560...
python-reportlab security update
2.5-11 - Do not evaluate unichar element - Resolves: RHEL-7011...
python-reportlab: code injection in paraparser.py allows code execution
A code injection vulnerability was found in python-reportlab that may allow an attacker to execute code while parsing a unichar element attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable and could allow remote code execution...
Important: Red Hat Security Advisory: python-reportlab security update
An update for python-reportlab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
RHEL 7 : python-reportlab (RHSA-2023:5616)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5616 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...
Oracle Linux 7 : python-reportlab (ELSA-2023-5616)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5616 advisory. 2.5-11 - Do not evaluate unichar element - Resolves: RHEL-7011 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Remote Code Execution (RCE)
python-reportlab is vulnerable to Remote Code Execution RCE. A remote code execution is possible because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with unichar code=" followed by arbitrary Python code...
Important: python-reportlab
Issue Overview: paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
SUSE SLES15 / openSUSE 15 Security Update : python-reportlab (SUSE-SU-2023:3972-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3972-1 advisory. - CVE-2019-19450: Fixed an issue which allowed remote code execution via startunichar in paraparser.py evaluating untrusted user input...