Bug 2217629 (CVE-2023-33733) - CVE-2023-33733 python-reportlab: remote code execution via supplying a crafted PDF file
Summary: CVE-2023-33733 python-reportlab: remote code execution via supplying a crafte...
Keywords:
Status: NEW
Alias: CVE-2023-33733
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2217630 2217764 2217765 2217766 2217767 2217768 2217769 2217770
Blocks: 2217633
TreeView+ depends on / blocked
 
Reported: 2023-06-26 18:15 UTC by Pedro Sampaio
Modified: 2023-07-07 08:31 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in python-reportlab. This flaw allows an attacker to execute arbitrary code by supplying a crafted PDF file.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Pedro Sampaio 2023-06-26 18:15:44 UTC 
Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.

https://github.com/c53elyas/CVE-2023-33733
Comment 1 Pedro Sampaio 2023-06-26 18:15:57 UTC 
Created python-reportlab tracking bugs for this issue:

Affects: fedora-all [bug 2217630]
Note You need to log in before you can comment on or make changes to this bug.