Red Hat Security Advisory 2023-5787-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
150cb2d97aa150d7600c698aa16d2861291855ee5cd3481d426131773eac6284
Red Hat Security Advisory 2023-5786-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
0d5f0aa99be04ced55b2baea204c358506a55b7b9428fa5fba74940fa51837c8
Ubuntu Security Notice 6394-2 - USN-6394-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
d38a75206389008d3e1ad14a50564e60d915ccb7b901100a133baef1458072fe
Apache Superset versions 2.0.0 and below utilize Flask with a known default secret key which is used to sign HTTP cookies. These cookies can therefore be forged. If a user is able to log in to the site, they can decode the cookie, set their user_id to that of an administrator, and re-sign the cookie. This valid cookie can then be used to log in as the targeted user. From there the Superset database is mounted, and credentials are pulled. A dashboard is then created. Lastly a pickled Python payload can be set for that dashboard within Superset's database which will trigger the remote code execution. An attempt to clean up ALL of the dashboard key values and reset them to their previous values happens during the cleanup phase.
0cf3211c0a88b94f22c56bd68535a69b15419a4e9c97ce50b1d180e75e44b6be
Red Hat Security Advisory 2023-5616-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
2dd35d1d563fa4f4686f2465d398d4434e278f814a90ce88a33008b776002409
Red Hat Security Advisory 2023-5528-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
a7809e9736bc296be97737d0134acf6fa48d78add499ff1793c34d58165a458a
Red Hat Security Advisory 2023-5531-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
a3ac08590b81392419d53e56814ac2bc5993d0b96b4d0fc7fbc90e5d72562f06
Red Hat Security Advisory 2023-5472-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
9c1907fc55798106e0bd3a59d0c393769c3b9106a4a9363b9744bc3077648583
Red Hat Security Advisory 2023-5456-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a bypass vulnerability.
f09181b9b7be43158cca59a700da7461f491ae25644238faaf8b1279d3ca31f1
Red Hat Security Advisory 2023-5462-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
313f06d9ee1fe6f102aed74238c4b3de0da9f76aea3b0cec8d71f5838548559b
Red Hat Security Advisory 2023-5463-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a bypass vulnerability.
952e2fc910e9d17614ddee9613f6122dd79884b41702c86e0566f6059e098cc8
Ubuntu Security Notice 6400-1 - It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information.
78f05f302971fdd61c41b154c5089eddceaa4838a9b6ffba2b409c27fe5f9ad4
Ubuntu Security Notice 6394-1 - It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
5e2657b51ce71bc1d6b8b0ec757dad995dd0b33e1ab6d102daa7f5cf3f0ac2b4
Packers and Movers Management System version 1.0 suffers from a remote blind SQL injection vulnerability. A proof of concept exploit written in Python is included.
392e218592b7d81bc0c0a1e2e699e9fe38ca587052d6e6393e97b66c59ab44ea
Ubuntu Security Notice 6354-1 - It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this vulnerability to perform an XML External Entity injection, resulting in a denial of service or information disclosure.
55bae84a27165496e4c61f96e67a29907c9b0b2752c81b4e650223bf8ebf69c7
Red Hat Security Advisory 2023-4520-01 - The python-requests package contains a library designed to make HTTP requests easy for developers.
d0c1dc5e356e4b5ead6eee269f7ceb50713f9d3eba95d0dfa54c4f53d0db6666
Debian Linux Security Advisory 5470-1 - Several vulnerabilities were discovered in python-werkzeug, a collection of utilities for WSGI applications.
fbfd0844807d42d5eb5a87ffa65a7a37c372c6b11c185ce8b31d829df350079a
Debian Linux Security Advisory 5465-1 - Seokchan Yoon discovered that missing sanitising in the email and URL validators of Django, a Python web development framework, could result in denial of service.
33b7ca821d6fc6dd2ab809a37b4f1612df724b871bdac89beddd3b918a60c415
Red Hat Security Advisory 2023-4350-01 - The python-requests package contains a library designed to make HTTP requests easy for developers.
7ce56fea56931578e58c9e57378b143719c421d55b7dd3187c56f8fc8e8f3d1a
Red Hat Security Advisory 2023-4203-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
46c15e24854b58d292795c5f401e74c5dda9a33b793f95b1a91fc41e5a0d1e7b
Red Hat Security Advisory 2023-4038-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
b42f6272c8c7fddf2249cabdb0bf9b19272c6444286b291de14c13370dc28260
Red Hat Security Advisory 2023-4032-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
5c73f78766f92a8eb634aca8aadf9dac83904c1c56404db35eca47bdf87d2abf
Red Hat Security Advisory 2023-4004-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
bb4930cafe5b0554ca3f0d5e3ffc47d4fdfe210a39dd5a81d610b8995f57c981
Red Hat Security Advisory 2023-4008-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
446d726ba1666bd8d2dcdf09f2b9166abaacfeb1a5be08387fc55d813ea928cb
Red Hat Security Advisory 2023-3936-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
5f8ab79bf32667711cc472ad5ed9fc7d386b2c8a961f61650fc73a165b02f06b