Description
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code.
A code injection vulnerability in python-reportlab allows an attacker to execute code while parsing a color attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable to this flaw and allow remote code execution.
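The flaw described above comes from handing an attribute value taken from untrusted markup to `eval()` before converting it to a color. The defensive alternative is to parse the attribute with an allowlist and strict grammar so that nothing is ever evaluated. The following is an added example written for this page; it is not ReportLab's code and does not reproduce its API. The color table, the accepted syntaxes (`name`, `#RRGGBB`, `rgb(r,g,b)`), the function names and the sample markup are all constructed assumptions.

```python
import re

# Constructed allowlist of named colors (assumption: a real application would
# use its library's full, static color table, still as data, never as code).
NAMED_COLORS = {
    "black": (0, 0, 0),
    "white": (255, 255, 255),
    "red": (255, 0, 0),
    "green": (0, 128, 0),
    "blue": (0, 0, 255),
}

# Strict grammars for the two non-named forms we accept; anchored so that
# nothing before or after the color survives matching.
_HEX_RE = re.compile(r"^#([0-9a-fA-F]{6})$")
_RGB_RE = re.compile(r"^rgb\(\s*(\d{1,3})\s*,\s*(\d{1,3})\s*,\s*(\d{1,3})\s*\)$")


def to_color_safe(value: str) -> tuple:
    """Parse a color attribute from untrusted markup without evaluating it.

    Accepts an allowlisted name, '#RRGGBB' or 'rgb(r,g,b)'.  Anything else
    raises ValueError instead of being interpreted as Python.
    """
    if not isinstance(value, str) or len(value) > 64:
        raise ValueError("color attribute must be a short string")
    v = value.strip()
    key = v.lower()
    if key in NAMED_COLORS:
        return NAMED_COLORS[key]
    m = _HEX_RE.match(v)
    if m:
        h = m.group(1)
        return tuple(int(h[i:i + 2], 16) for i in (0, 2, 4))
    m = _RGB_RE.match(v)
    if m:
        rgb = tuple(int(g) for g in m.groups())
        if any(c > 255 for c in rgb):
            raise ValueError(f"rgb component out of range: {value!r}")
        return rgb
    raise ValueError(f"unrecognised color value: {value!r}")


# Constructed sample document: two valid colors and one value that is not a
# color at all.  A parser built on eval() would execute the third one; the
# allowlist parser simply rejects it.
SAMPLE_MARKUP = (
    '<p><span color="red">a</span>'
    '<span color="#00ff00">b</span>'
    '<span color="foo()">c</span></p>'
)


def parse_span_colors(markup: str) -> list:
    """Extract color="..." attributes from <span> tags and return
    (raw_value, result) pairs, where result is a color tuple or a
    'rejected: ...' string for values the safe parser refuses."""
    results = []
    for m in re.finditer(r'<span\s+color="([^"]*)"', markup):
        raw = m.group(1)
        try:
            results.append((raw, to_color_safe(raw)))
        except ValueError as e:
            results.append((raw, f"rejected: {e}"))
    return results


if __name__ == "__main__":
    for raw, result in parse_span_colors(SAMPLE_MARKUP):
        print(f"{raw!r:>12} -> {result}")
```

The point of the design is that the attribute value only ever flows into dictionary lookups and anchored regular expressions; there is no code path in which the string reaches `eval()`, `exec()` or any other interpreter, so a malformed or hostile value can at worst produce a rejected attribute.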
Statement
This vulnerability will not be fixed in Red Hat Quay because it only affects a non-supported feature which is disabled behind a feature flag.
Mitigation
No known mitigation available.
Affected packages
| Platform | Package | State | Advisory | Release date |
|---|---|---|---|---|
| Red Hat Quay 3 | quay | Will not fix | | |
| Red Hat Enterprise Linux 6 | python-reportlab | Fixed | RHSA-2020:0197 | 21.01.2020 |
| Red Hat Enterprise Linux 7 | python-reportlab | Fixed | RHSA-2020:0195 | 21.01.2020 |
| Red Hat Enterprise Linux 8 | python-reportlab | Fixed | RHSA-2020:0201 | 24.01.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | python-reportlab | Fixed | RHSA-2020:0230 | 27.01.2020 |
Additional information
Status:
EPSS:
CVSS3: 9.8 Critical
Related vulnerabilities
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code.