CVE-2023-33733

Опубликовано: 05 июн. 2023

Источник: redhat

CVSS3: 7.8

EPSS Средний

Описание

Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.

A vulnerability was found in python-reportlab. This flaw allows an attacker to execute arbitrary code by supplying a crafted PDF file.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	python-reportlab	Not affected
Red Hat Enterprise Linux 7	python-reportlab	Not affected
Red Hat Enterprise Linux 8	python-reportlab	Not affected
Red Hat Quay 3	python-reportlab	Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-94

https://bugzilla.redhat.com/show_bug.cgi?id=2217629python-reportlab: remote code execution via supplying a crafted PDF file

EPSS

Процентиль: 96%

0.27113

Средний

7.8 High

CVSS3

Связанные уязвимости

CVE-2023-33733

CVSS3: 7.8

ubuntu

больше 2 лет назад

Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.

CVE-2023-33733

CVSS3: 7.8

nvd

больше 2 лет назад

Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.

CVE-2023-33733

CVSS3: 7.8

debian

больше 2 лет назад

Reportlab up to v3.6.12 allows attackers to execute arbitrary code via ...

SUSE-SU-2023:2688-1

suse-cvrf

около 2 лет назад

Security update for python-reportlab

SUSE-SU-2023:2561-1

suse-cvrf

около 2 лет назад

Security update for python-reportlab

EPSS

Процентиль: 96%

0.27113

Средний

7.8 High

CVSS3