Download
| Alert*
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with ' | ||||||||
| FEDORA-2024-dc844d0669 | ||||||||
| https://lists.debian.org/debian-lts-announce/2023/09/msg00037.html | ||||||||
| https://github.com/MrBitBucket/reportlab-mirror/blob/master/CHANGES.md | ||||||||
| https://pastebin.com/5MicRrr4 | ||||||||
