High severityNVD Advisory· Published Jun 5, 2023· Updated Jan 8, 2025
CVE-2023-33733
CVE-2023-33733
Description
Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
reportlabPyPI | < 3.6.13 | 3.6.13 |
Affected products
7- Reportlab/Reportlabdescription
- ghsa-coords6 versionspkg:pypi/reportlabpkg:rpm/opensuse/python-reportlab&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/python-reportlab&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/python-reportlab&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/python-reportlab&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/python-reportlab&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
< 3.6.13+ 5 more
- (no CPE)range: < 3.6.13
- (no CPE)range: < 3.4.0-150000.3.9.1
- (no CPE)range: < 3.4.0-150000.3.9.1
- (no CPE)range: < 3.4.0-150000.3.9.1
- (no CPE)range: < 3.4.0-150000.3.9.1
- (no CPE)range: < 2.7-3.13.1
Patches
Vulnerability mechanics
References
9- github.com/advisories/GHSA-9q9m-c65c-37pqghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36WOY22ECJCPOXHVTNCHEWOQLL7JSWP4/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ALE727IRACYBTTOFIFG57RS4OA2SHIJ/mitrevendor-advisory
- nvd.nist.gov/vuln/detail/CVE-2023-33733ghsaADVISORY
- lists.debian.org/debian-lts-announce/2024/10/msg00008.htmlghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36WOY22ECJCPOXHVTNCHEWOQLL7JSWP4ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ALE727IRACYBTTOFIFG57RS4OA2SHIJghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36WOY22ECJCPOXHVTNCHEWOQLL7JSWP4ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ALE727IRACYBTTOFIFG57RS4OA2SHIJghsaWEB
News mentions
0No linked articles in our index yet.