Vulnerabilities

CVE-2019-17626

by Fred · 16/10/2019

ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with ‘https://www.debian.org/security/2020/dsa-4663

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZPHP2BJSTP4IYCSJRQINP763IHO6ASL/

Similar

Tags: Cybersecurity Alert