| Release | Version |
|---|---|
| jessie | 3.1.8-3+deb8u2 |
| stretch | 3.3.0-2+deb9u2 |
| stretch (security) | 3.3.0-2+deb9u1 |
| buster | 3.5.13-1+deb10u1 |
| buster (security) | 3.5.13-1+deb10u2 |
| bullseye | 3.5.59-2 |
| bookworm | 3.6.12-1 |
| trixie | 4.1.0-4 |
| sid | 4.2.0-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-33733 | vulnerable | fixed | fixed | vulnerable | vulnerable | fixed | fixed | Reportlab up to v3.6.12 allows attackers to execute arbitrary code via ... |
| CVE-2020-28463 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | fixed | fixed | All versions of package reportlab are vulnerable to Server-side Reques ... |
| CVE-2019-19450 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | paraparser in ReportLab before 3.5.31 allows remote code execution bec ... |
| Bug | Description |
|---|---|
| CVE-2019-17626 | ReportLab through 3.5.26 allows remote code execution because of toCol ... |
| DSA / DLA | Description |
|---|---|
| ELA-983-1 | python-reportlab - security update |
| DLA-3590-1 | python-reportlab - security update |
| DSA-4663-1 | python-reportlab - security update |
| DLA-2112-1 | python-reportlab - security update |