EPSS: 0.002 (Low), percentile 52.6%
ReportLab is vulnerable to remote code execution. Through the use of img tags, an attacker is able to make the application send malicious requests on its behalf. The risk can be reduced by applying trustedSchemes and trustedHosts.
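The scheme-and-host allowlist idea behind trustedSchemes and trustedHosts can also be applied as a pre-filter on user-supplied paragraph markup before it reaches the renderer. The sketch below is an added example, not ReportLab's code; the function names, policy values and sample markup are assumptions made for illustration.

```python
# Added example, not ReportLab code: allowlist check for <img src> in user markup.
from fnmatch import fnmatch
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed policy values for this illustration.
ALLOWED_SCHEMES = {"https"}
ALLOWED_HOSTS = ["static.example.com", "*.cdn.example.com"]

# Constructed sample markup: one acceptable image, two that must be rejected.
SAMPLE = (
    '<para>Invoice <img src="https://static.example.com/logo.png" width="40"/> '
    '<img src="http://internal.example.test/admin"/> '
    '<img src="https://static.example.com@internal.example.test/x.png"/></para>'
)


def src_is_trusted(src, schemes=ALLOWED_SCHEMES, hosts=ALLOWED_HOSTS):
    """True only for an absolute URL whose scheme and host are both allowlisted."""
    try:
        parts = urlsplit(src.strip())
        # .hostname drops any "user@" prefix, so the real target host is compared.
        host = (parts.hostname or "").lower()
    except ValueError:  # malformed netloc, e.g. an unbalanced IPv6 bracket
        return False
    if parts.scheme not in schemes or not host:
        return False  # relative paths and file:/data: URLs are rejected by this policy
    return any(fnmatch(host, pattern) for pattern in hosts)


class _ImgCollector(HTMLParser):
    """Collects the src attribute of every <img> tag, including self-closing ones."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.sources.append(dict(attrs).get("src") or "")


def untrusted_img_sources(markup):
    """Return the img src values in markup that fail the allowlist."""
    collector = _ImgCollector()
    collector.feed(markup)
    collector.close()
    return [src for src in collector.sources if not src_is_trusted(src)]
```

Markup for which untrusted_img_sources() returns a non-empty list should be rejected or stripped before rendering; the library-level trustedSchemes and trustedHosts settings remain the control named above.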
lists.fedoraproject.org/archives/list/[email protected]/message/HMUJA5GZTPQ5WRYUCCK2GEZM4W43N7HH/
lists.fedoraproject.org/archives/list/[email protected]/message/YZQSFCID67K6BTC655EQY6MNOF35QI44/
www.reportlab.com/docs/reportlab-userguide.pdf
www.tenable.com/cve/CVE-2020-28463