VYPR

rpm package

opensuse/python-reportlab&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/python-reportlab&distro=openSUSE%20Leap%2015.5

Vulnerabilities (2)

  • CVE-2019-19450 (Sep 20, 2023)
    affected < 3.4.0-150000.3.12.1; fixed 3.4.0-150000.3.12.1

    paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.

  • CVE-2023-33733 (Jun 5, 2023)
    affected < 3.4.0-150000.3.9.1; fixed 3.4.0-150000.3.9.1

    Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.