Red Hat Security Advisory 2023-5787-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
150cb2d97aa150d7600c698aa16d2861291855ee5cd3481d426131773eac6284Red Hat Security Advisory 2023-5786-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
0d5f0aa99be04ced55b2baea204c358506a55b7b9428fa5fba74940fa51837c8Ubuntu Security Notice 6394-2 - USN-6394-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
d38a75206389008d3e1ad14a50564e60d915ccb7b901100a133baef1458072feApache Superset versions 2.0.0 and below utilize Flask with a known default secret key which is used to sign HTTP cookies. These cookies can therefore be forged. If a user is able to login to the site, they can decode the cookie, set their user_id to that of an administrator, and re-sign the cookie. This valid cookie can then be used to login as the targeted user. From there the Superset database is mounted, and credentials are pulled. A dashboard is then created. Lastly a pickled python payload can be set for that dashboard within Superset's database which will trigger the remote code execution. An attempt to clean up ALL of the dashboard key values and reset them to their previous values happens during the cleanup phase.
0cf3211c0a88b94f22c56bd68535a69b15419a4e9c97ce50b1d180e75e44b6beRed Hat Security Advisory 2023-5616-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
2dd35d1d563fa4f4686f2465d398d4434e278f814a90ce88a33008b776002409Red Hat Security Advisory 2023-5528-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
a7809e9736bc296be97737d0134acf6fa48d78add499ff1793c34d58165a458aRed Hat Security Advisory 2023-5531-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
a3ac08590b81392419d53e56814ac2bc5993d0b96b4d0fc7fbc90e5d72562f06Red Hat Security Advisory 2023-5472-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
9c1907fc55798106e0bd3a59d0c393769c3b9106a4a9363b9744bc3077648583Red Hat Security Advisory 2023-5456-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a bypass vulnerability.
f09181b9b7be43158cca59a700da7461f491ae25644238faaf8b1279d3ca31f1Red Hat Security Advisory 2023-5462-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
313f06d9ee1fe6f102aed74238c4b3de0da9f76aea3b0cec8d71f5838548559bRed Hat Security Advisory 2023-5463-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a bypass vulnerability.
952e2fc910e9d17614ddee9613f6122dd79884b41702c86e0566f6059e098cc8Ubuntu Security Notice 6400-1 - It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information.
78f05f302971fdd61c41b154c5089eddceaa4838a9b6ffba2b409c27fe5f9ad4Ubuntu Security Notice 6394-1 - It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
5e2657b51ce71bc1d6b8b0ec757dad995dd0b33e1ab6d102daa7f5cf3f0ac2b4Packers and Movers Management System version 1.0 suffers from a remote blind SQL injection vulnerability. Proof of concept exploit written in python included.
392e218592b7d81bc0c0a1e2e699e9fe38ca587052d6e6393e97b66c59ab44eaUbuntu Security Notice 6354-1 - It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this vulnerability to perform an XML External Entity injection, resulting in a denial of service or information disclosure.
55bae84a27165496e4c61f96e67a29907c9b0b2752c81b4e650223bf8ebf69c7Red Hat Security Advisory 2023-4520-01 - The python-requests package contains a library designed to make HTTP requests easy for developers.
d0c1dc5e356e4b5ead6eee269f7ceb50713f9d3eba95d0dfa54c4f53d0db6666Debian Linux Security Advisory 5470-1 - Several vulnerabilities were discovered in python-werkzeug, a collection of utilities for WSGI applications.
fbfd0844807d42d5eb5a87ffa65a7a37c372c6b11c185ce8b31d829df350079aDebian Linux Security Advisory 5465-1 - Seokchan Yoon discovered that missing sanitising in the email and URL validators of Django, a Python web development framework, could result in denial of service.
33b7ca821d6fc6dd2ab809a37b4f1612df724b871bdac89beddd3b918a60c415Red Hat Security Advisory 2023-4350-01 - The python-requests package contains a library designed to make HTTP requests easy for developers.
7ce56fea56931578e58c9e57378b143719c421d55b7dd3187c56f8fc8e8f3d1aRed Hat Security Advisory 2023-4203-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
46c15e24854b58d292795c5f401e74c5dda9a33b793f95b1a91fc41e5a0d1e7bRed Hat Security Advisory 2023-4038-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
b42f6272c8c7fddf2249cabdb0bf9b19272c6444286b291de14c13370dc28260Red Hat Security Advisory 2023-4032-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
5c73f78766f92a8eb634aca8aadf9dac83904c1c56404db35eca47bdf87d2abfRed Hat Security Advisory 2023-4004-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
bb4930cafe5b0554ca3f0d5e3ffc47d4fdfe210a39dd5a81d610b8995f57c981Red Hat Security Advisory 2023-4008-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
446d726ba1666bd8d2dcdf09f2b9166abaacfeb1a5be08387fc55d813ea928cbRed Hat Security Advisory 2023-3936-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
5f8ab79bf32667711cc472ad5ed9fc7d386b2c8a961f61650fc73a165b02f06b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed