VIR Vulnerability Intelligence Relay

Package impact

python PyPI / reportlab

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2019-19450 high 8.0 3y ago Important: python-reportlab security update susedebianpython
CVE-2020-28463 medium 5.5 5y ago All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see in Reportlab's documentation) Step… archsusedebianpython
CVE-2023-33733 unknown 3y ago Reportlab vulnerable to remote code execution susedebianpython
CVE-2019-17626 unknown 4y ago ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code. susedebianpython