{"id":"MGASA-2020-0059","summary":"Updated python-reportlab packages fix security vulnerability","details":"A code injection vulnerability in python-reportlab allows an attacker to\nexecute code while parsing a color attribute. An application that uses\npython-reportlab to parse untrusted input files may be vulnerable to\nthis flaw and allow remote code execution (CVE-2019-17626).\n","modified":"2026-04-16T04:41:49.087196134Z","published":"2020-01-28T07:52:40Z","upstream":["CVE-2019-17626"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0059.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26115"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2020:0197"}],"affected":[{"package":{"name":"python-reportlab","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/python-reportlab?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.5.34-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0059.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}