SUSE-SU-2021:3209-1

Опубликовано: 23 сент. 2021

Источник: suse-cvrf

Описание

Security update for python-reportlab

This update for python-reportlab fixes the following issues:

CVE-2020-28463: Fixed Server-side Request Forgery via img tags (bsc#1182503).
Add missing import in CVE-2020-28463 fix (bsc#1190110).

Список пакетов

SUSE Linux Enterprise Workstation Extension 12 SP5

python-reportlab-2.7-3.8.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20213209-1/
Link for SUSE-SU-2021:3209-1
https://lists.suse.com/pipermail/sle-security-updates/2021-September/009500.html
E-Mail link for SUSE-SU-2021:3209-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1182503
SUSE Bug 1182503
https://bugzilla.suse.com/1190110
SUSE Bug 1190110
https://www.suse.com/security/cve/CVE-2020-28463/
SUSE CVE CVE-2020-28463 page

Описание

All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see in Reportlab's documentation) Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos -> odyssey -> dodyssey 3. In the text file odyssey.txt that needs to be converted to pdf inject <img src="http://127.0.0.1:5000" valign="top"/> 4. Create a nc listener nc -lp 5000 5. Run python3 dodyssey.py 6. You will get a hit on your nc showing we have successfully proceded to send a server side request 7. dodyssey.py will show error since there is no img file on the url, but we are able to do SSRF

Затронутые продукты

SUSE Linux Enterprise Workstation Extension 12 SP5:python-reportlab-2.7-3.8.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-28463.html
CVE-2020-28463
https://bugzilla.suse.com/1182503
SUSE Bug 1182503

SUSE-SU-2021:3209-1

Описание

Список пакетов

SUSE Linux Enterprise Workstation Extension 12 SP5

Ссылки

Уязвимость: CVE-2020-28463

Описание

Затронутые продукты

Ссылки