{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2019-19450", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-05T02:16:47.205Z", "dateReserved": "2019-11-29T00:00:00", "datePublished": "2023-09-20T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-04-28T04:06:15.437021"}, "descriptions": [{"lang": "en", "value": "paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code=\"' followed by arbitrary Python code, a similar issue to CVE-2019-17626."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/MrBitBucket/reportlab-mirror/blob/master/CHANGES.md"}, {"url": "https://pastebin.com/5MicRrr4"}, {"name": "[debian-lts-announce] 20230929 [SECURITY] [DLA 3590-1] python-reportlab security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00037.html"}, {"name": "FEDORA-2024-dc844d0669", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHMCB2GJQKFMGVO5RWHN222NQL5XYPHZ/"}, {"name": "FEDORA-2024-6ec4e78241", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HADPTB3SBU7IVRMDK7OL6WSQRU5AFWDZ/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHMCB2GJQKFMGVO5RWHN222NQL5XYPHZ/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HADPTB3SBU7IVRMDK7OL6WSQRU5AFWDZ/"}, {"url": "https://github.com/MrBitBucket/reportlab-mirror/blob/master/CHANGES.md", "tags": ["x_transferred"]}, {"url": "https://pastebin.com/5MicRrr4", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20230929 [SECURITY] [DLA 3590-1] python-reportlab security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00037.html"}, {"name": "FEDORA-2024-dc844d0669", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHMCB2GJQKFMGVO5RWHN222NQL5XYPHZ/"}, {"name": "FEDORA-2024-6ec4e78241", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HADPTB3SBU7IVRMDK7OL6WSQRU5AFWDZ/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T02:16:47.205Z"}}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:reportlab:reportlab:*:*:*:*:*:*:*:*", "matchCriteriaId": "75D6540D-C28F-433B-8166-9FEDFD74E7E2", "versionEndExcluding": "3.5.31", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code=\"' followed by arbitrary Python code, a similar issue to CVE-2019-17626."}, {"lang": "es", "value": "paraparser en ReportLab anterior a 3.5.31 permite la ejecuci\u00f3n remota de c\u00f3digo porque start_unichar en paraparser.py eval\u00faa la entrada de un usuario que no es de confianza en un elemento unichar en un documento XML manipulado con '"}], "id": "CVE-2019-19450", "lastModified": "2024-04-28T04:15:09.350", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-20T14:15:12.310", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/MrBitBucket/reportlab-mirror/blob/master/CHANGES.md"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00037.html"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHMCB2GJQKFMGVO5RWHN222NQL5XYPHZ/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HADPTB3SBU7IVRMDK7OL6WSQRU5AFWDZ/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://pastebin.com/5MicRrr4"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-91"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:5616", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "python-reportlab-0:2.5-11.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2023-10-10T00:00:00Z"}, {"advisory": "RHSA-2023:5790", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "python-reportlab-0:3.4.0-8.el8_8.1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-10-17T00:00:00Z"}, {"advisory": "RHSA-2023:5789", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "python-reportlab-0:3.4.0-6.el8_1.5", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2023-10-17T00:00:00Z"}, {"advisory": "RHSA-2023:5788", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "python-reportlab-0:3.4.0-8.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-10-17T00:00:00Z"}, {"advisory": "RHSA-2023:5788", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "python-reportlab-0:3.4.0-8.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-10-17T00:00:00Z"}, {"advisory": "RHSA-2023:5788", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "python-reportlab-0:3.4.0-8.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-10-17T00:00:00Z"}, {"advisory": "RHSA-2023:5787", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "python-reportlab-0:3.4.0-8.el8_4.1", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-10-17T00:00:00Z"}, {"advisory": "RHSA-2023:5787", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "python-reportlab-0:3.4.0-8.el8_4.1", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-10-17T00:00:00Z"}, {"advisory": "RHSA-2023:5787", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "python-reportlab-0:3.4.0-8.el8_4.1", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-10-17T00:00:00Z"}, {"advisory": "RHSA-2023:5786", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "python-reportlab-0:3.4.0-8.el8_6.1", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-10-17T00:00:00Z"}], "bugzilla": {"description": "python-reportlab: code injection in paraparser.py allows code execution", "id": "2239920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239920"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-91", "details": ["paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code=\"' followed by arbitrary Python code, a similar issue to CVE-2019-17626.", "A code injection vulnerability was found in python-reportlab that may allow an attacker to execute code while parsing a unichar element attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable and could allow remote code execution."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2019-19450", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "python-reportlab", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2023-09-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-19450\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-19450"], "statement": "To exploit the issue, a malicious user has to use a crafted malicious html 'unichar' tag input and then use the reportlab's feature to generate a pdf of the document and that can lead to a remote code execution, therefore, this CVE has an Important impact.\nThis vulnerability is similar to CVE-2019-17626.", "threat_severity": "Important", "upstream_fix": "reportlab 3.5.31"}