1930416 – (CVE-2020-28463) CVE-2020-28463 python-reportlab: Server-side request forgery via img tags

Bug 1930416 (CVE-2020-28463) - CVE-2020-28463 python-reportlab: Server-side request forgery via img tags

Summary: CVE-2020-28463 python-reportlab: Server-side request forgery via img tags

Keywords:
Status:	NEW
Alias:	CVE-2020-28463
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1930417 1933896
Blocks:	1930418
TreeView+	depends on / blocked

Reported:	2021-02-18 20:17 UTC by Pedro Sampaio
Modified:	2023-07-07 08:33 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in python-reportlab. A Server-side Request Forgery (SSRF) vulnerability is possible via img tags.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Pedro Sampaio 2021-02-18 20:17:52 UTC

All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags.

References:

https://snyk.io/vuln/SNYK-PYTHON-REPORTLAB-1022145
https://www.reportlab.com/docs/reportlab-userguide.pdf

Comment 1 Pedro Sampaio 2021-02-18 20:18:18 UTC

Created python-reportlab tracking bugs for this issue:

Affects: fedora-all [bug 1930417]

Comment 3 Jason Shepherd 2021-02-22 05:03:04 UTC

Set CVSS Confidentiality metrics to Low and Integrity to Low because the contents of the attacked address aren't disclosed, only the presence of the address and potentially the Integrity if the address allows state changing actions via HTTP get method.

Comment 4 Mark Cooper 2021-02-23 00:02:04 UTC

External References:

https://snyk.io/vuln/SNYK-PYTHON-REPORTLAB-1022145

Comment 7 Todd Cullum 2021-03-02 00:36:34 UTC

Statement:

This flaw is out of support scope for the following products:

* Red Hat Enterprise Linux 6
* Red Hat Enterprise Linux 7

To learn more about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata/

Note You need to log in before you can comment on or make changes to this bug.