VYPR

rpm package

suse/python-reportlab&distro=SUSE Linux Enterprise Module for Package Hub 15 SP4

pkg:rpm/suse/python-reportlab&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4

Vulnerabilities (2)

  • CVE-2019-19450Sep 20, 2023
    affected < 3.4.0-150000.3.12.1fixed 3.4.0-150000.3.12.1

    paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.

  • CVE-2023-33733Jun 5, 2023
    affected < 3.4.0-150000.3.9.1fixed 3.4.0-150000.3.9.1

    Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.