Download
| Alert*
|
oval:org.secpod.oval:def:604769
python-reportlab is installed oval:org.secpod.oval:def:503494 python-reportlab is installed oval:org.secpod.oval:def:62959 It was discovered that python-reportlab, a Python library to create PDF documents, is prone to a code injection vulnerability while parsing a color attribute. An attacker can take advantage of this flaw to execute arbitrary code if a specially crafted document is processed. oval:org.secpod.oval:def:117719 This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats. oval:org.secpod.oval:def:117711 This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats. oval:org.secpod.oval:def:125892 This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats. oval:org.secpod.oval:def:125872 This is the ReportLab PDF Toolkit. It allows rapid creation of rich PDF documents, and also creation of charts in a variety of bitmap and vector formats. oval:org.secpod.oval:def:205425 Python-reportlab is a library used for generation of PDF documents. Security Fix: * python-reportlab: code injection in colors.py allows attacker to execute code For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to t ... oval:org.secpod.oval:def:205428 Python-reportlab is a library used for generation of PDF documents. Security Fix: * python-reportlab: code injection in colors.py allows attacker to execute code For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to t ... oval:org.secpod.oval:def:3301967 Security update for python-reportlab oval:org.secpod.oval:def:206070 Security Fix: python-reportlab: code injection in paraparser.py allows code execution For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:1701808 paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'less thanunichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626 |
