Описание
ELSA-2023-5616: python-reportlab security update (IMPORTANT)
[2.5-11]
- Do not evaluate unichar element
- Resolves: RHEL-7011
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
python-reportlab
2.5-11.el7_9
python-reportlab-docs
2.5-11.el7_9
Oracle Linux x86_64
python-reportlab
2.5-11.el7_9
python-reportlab-docs
2.5-11.el7_9
Связанные CVE
Связанные уязвимости
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.
paraparser in ReportLab before 3.5.31 allows remote code execution bec ...
