What is the vulnerability ID for this issue?

The vulnerability ID is CVE-2020-28463.

What is the severity of CVE-2020-28463?

The severity of CVE-2020-28463 is medium.

Which software packages are affected by CVE-2020-28463?

All versions of the reportlab package and Fedoraproject Fedora versions 34 and 35 are affected by CVE-2020-28463.

How can I mitigate the risk of CVE-2020-28463?

To mitigate the risk of CVE-2020-28463, you can use trustedSchemes and trustedHosts as specified in Reportlab's documentation.

Where can I find more information about CVE-2020-28463?

You can find more information about CVE-2020-28463 in the following references: - [NVD](https://nvd.nist.gov/vuln/detail/CVE-2020-28463) - [Red Hat Bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=1930417) - [Reportlab Commits](https://hg.reportlab.com/hg-public/reportlab/rev/7f2231703dc7)

Vulnerability/
CVE-2020-28463

medium

6.5

CWE

918

18/2/2021

29/3/2021

26/10/2024

CVE-2020-28463: Server-side Request Forgery (SSRF)

First published: Thu Feb 18 2021(Updated: )

All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see in Reportlab's documentation) Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos -> odyssey -> dodyssey 3. In the text file odyssey.txt that needs to be converted to pdf inject <img src="http://127.0.0.1:5000" valign="top"/> 4. Create a nc listener nc -lp 5000 5. Run python3 dodyssey.py 6. You will get a hit on your nc showing we have successfully proceded to send a server side request 7. dodyssey.py will show error since there is no img file on the url, but we are able to do SSRF

Credit: report@snyk.io report@snyk.io report@snyk.io

Affected Software	Affected Version	How to fix
Reportlab Reportlab
Fedoraproject Fedora	=34
Fedoraproject Fedora	=35
pip/reportlab	<3.5.55	3.5.55

	=34
	=35

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this issue?
The vulnerability ID is CVE-2020-28463.
What is the severity of CVE-2020-28463?
The severity of CVE-2020-28463 is medium.
Which software packages are affected by CVE-2020-28463?
All versions of the reportlab package and Fedoraproject Fedora versions 34 and 35 are affected by CVE-2020-28463.
How can I mitigate the risk of CVE-2020-28463?
To mitigate the risk of CVE-2020-28463, you can use trustedSchemes and trustedHosts as specified in Reportlab's documentation.
Where can I find more information about CVE-2020-28463?
You can find more information about CVE-2020-28463 in the following references: - [NVD](https://nvd.nist.gov/vuln/detail/CVE-2020-28463) - [Red Hat Bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=1930417) - [Reportlab Commits](https://hg.reportlab.com/hg-public/reportlab/rev/7f2231703dc7)

collector/nvd-api
collector/nvd-index
agent/type
agent/title
agent/weakness
agent/author
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/first-publish-date
collector/github-advisory-latest
source/GitHub
alias/GHSA-mpvw-25mg-59vx
alias/CVE-2020-28463
agent/software-canonical-lookup
agent/references
agent/last-modified-date
agent/softwarecombine
agent/event
collector/nvd-cve
source/NVD
collector/github-advisory
agent/tags
agent/trending
vendor/reportlab
canonical/reportlab reportlab
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/34
version/fedoraproject fedora/35
package-manager/pip