9.8

CVE-2019-17626

Exploit
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ReportlabReportlab Version <= 3.5.26
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.23% 0.951
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-91 XML Injection (aka Blind XPath Injection)

The product does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00002.html
https://access.redhat.com/errata/RHSA-2020:0195
https://access.redhat.com/errata/RHSA-2020:0197
https://access.redhat.com/errata/RHSA-2020:0201
https://access.redhat.com/errata/RHSA-2020:0230
https://bitbucket.org/rptlab/reportlab/issues/199/eval-in-colorspy-leads-to-remote-code
Third Party Advisory
Exploit
Issue Tracking
https://bitbucket.org/rptlab/reportlab/src/default/CHANGES.md
Third Party Advisory
Release Notes
https://lists.debian.org/debian-lts-announce/2020/02/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSCTOE3DITFICY2XKBYZ5WAF5TSQ52DM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZPHP2BJSTP4IYCSJRQINP763IHO6ASL/
https://security.gentoo.org/glsa/202007-35
https://security.netapp.com/advisory/ntap-20240719-0006/
https://usn.ubuntu.com/4273-1/
https://www.debian.org/security/2020/dsa-4663