Vulnerability Details CVE-2023-33733
Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.271
EPSS Ranking 96.2%
CVSS Severity
CVSS v3 Score 7.8
References
- https://github.com/c53elyas/CVE-2023-33733
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36WOY22ECJCPOXHVTNCHEWOQLL7JSWP4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ALE727IRACYBTTOFIFG57RS4OA2SHIJ/
- https://github.com/c53elyas/CVE-2023-33733
- https://lists.debian.org/debian-lts-announce/2024/10/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36WOY22ECJCPOXHVTNCHEWOQLL7JSWP4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ALE727IRACYBTTOFIFG57RS4OA2SHIJ/
Products affected by CVE-2023-33733
-
cpe:2.3:a:reportlab:reportlab:2.0
-
cpe:2.3:a:reportlab:reportlab:2.3
-
cpe:2.3:a:reportlab:reportlab:2.4
-
cpe:2.3:a:reportlab:reportlab:2.5
-
cpe:2.3:a:reportlab:reportlab:2.6
-
cpe:2.3:a:reportlab:reportlab:2.7
-
cpe:2.3:a:reportlab:reportlab:3.0
-
cpe:2.3:a:reportlab:reportlab:3.1.44
-
cpe:2.3:a:reportlab:reportlab:3.1.8
-
cpe:2.3:a:reportlab:reportlab:3.2.0
-
cpe:2.3:a:reportlab:reportlab:3.3.0
-
cpe:2.3:a:reportlab:reportlab:3.4.0
-
cpe:2.3:a:reportlab:reportlab:3.5.0
-
cpe:2.3:a:reportlab:reportlab:3.5.1
-
cpe:2.3:a:reportlab:reportlab:3.5.10
-
cpe:2.3:a:reportlab:reportlab:3.5.11
-
cpe:2.3:a:reportlab:reportlab:3.5.12
-
cpe:2.3:a:reportlab:reportlab:3.5.13
-
cpe:2.3:a:reportlab:reportlab:3.5.16
-
cpe:2.3:a:reportlab:reportlab:3.5.17
-
cpe:2.3:a:reportlab:reportlab:3.5.18
-
cpe:2.3:a:reportlab:reportlab:3.5.19
-
cpe:2.3:a:reportlab:reportlab:3.5.2
-
cpe:2.3:a:reportlab:reportlab:3.5.20
-
cpe:2.3:a:reportlab:reportlab:3.5.21
-
cpe:2.3:a:reportlab:reportlab:3.5.23
-
cpe:2.3:a:reportlab:reportlab:3.5.26
-
cpe:2.3:a:reportlab:reportlab:3.5.28
-
cpe:2.3:a:reportlab:reportlab:3.5.31
-
cpe:2.3:a:reportlab:reportlab:3.5.32
-
cpe:2.3:a:reportlab:reportlab:3.5.34
-
cpe:2.3:a:reportlab:reportlab:3.5.4
-
cpe:2.3:a:reportlab:reportlab:3.5.42
-
cpe:2.3:a:reportlab:reportlab:3.5.44
-
cpe:2.3:a:reportlab:reportlab:3.5.45
-
cpe:2.3:a:reportlab:reportlab:3.5.46
-
cpe:2.3:a:reportlab:reportlab:3.5.47
-
cpe:2.3:a:reportlab:reportlab:3.5.48
-
cpe:2.3:a:reportlab:reportlab:3.5.49
-
cpe:2.3:a:reportlab:reportlab:3.5.5
-
cpe:2.3:a:reportlab:reportlab:3.5.50
-
cpe:2.3:a:reportlab:reportlab:3.5.51
-
cpe:2.3:a:reportlab:reportlab:3.5.52
-
cpe:2.3:a:reportlab:reportlab:3.5.53
-
cpe:2.3:a:reportlab:reportlab:3.5.54
-
cpe:2.3:a:reportlab:reportlab:3.5.55
-
cpe:2.3:a:reportlab:reportlab:3.5.56
-
cpe:2.3:a:reportlab:reportlab:3.5.57
-
cpe:2.3:a:reportlab:reportlab:3.5.58
-
cpe:2.3:a:reportlab:reportlab:3.5.59
-
cpe:2.3:a:reportlab:reportlab:3.5.6
-
cpe:2.3:a:reportlab:reportlab:3.5.62
-
cpe:2.3:a:reportlab:reportlab:3.5.63
-
cpe:2.3:a:reportlab:reportlab:3.5.64
-
cpe:2.3:a:reportlab:reportlab:3.5.65
-
cpe:2.3:a:reportlab:reportlab:3.5.66
-
cpe:2.3:a:reportlab:reportlab:3.5.67
-
cpe:2.3:a:reportlab:reportlab:3.5.68
-
cpe:2.3:a:reportlab:reportlab:3.5.8
-
cpe:2.3:a:reportlab:reportlab:3.5.9
-
cpe:2.3:a:reportlab:reportlab:3.6.12