python-reportlab-2.5-11.el7
エラータID: AXSA:2023-6484:01
Release date:
Wednesday, October 11, 2023 - 00:56
Subject:
python-reportlab-2.5-11.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
Python-reportlab is a library used for generation of PDF documents.
Security Fix(es):
* python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2019-19450
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '
Solution:
Update packages.
CVEs:
CVE-2019-19450
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '
Additional Info:
N/A
Download:
SRPMS
- python-reportlab-2.5-11.el7.src.rpm
MD5: 9c697ac859c249f7e4ed54d2e32316f2
SHA-256: f12f6ce62b22cc83e4d00e107743673c339f76a8babfa9b083650ea30df2c809
Size: 1.84 MB
Asianux Server 7 for x86_64
- python-reportlab-2.5-11.el7.x86_64.rpm
MD5: e0ecd139bb21b5bc24de5789c41d47ef
SHA-256: c4191c23f609c603038477d4a1dd898b979c8bad582aebbe038ae74c5cb0d812
Size: 1.15 MB