rhsa-2021:3252
Vulnerability from csaf_redhat
Published
2021-08-24 13:06
Modified
2025-03-15 21:35
Summary
Red Hat Security Advisory: python27 security update
Notes
Topic
An update for python27-babel, python27-python, python27-python-jinja2, and python27-python-pygments is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)
* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)
* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)
* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)
* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)
* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)
* python-pygments: ReDoS via crafted malicious input (CVE-2021-27291)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional information
* Changes in the default separator for the Python urllib parsing functions
To mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (&) and semicolon (;) to only an ampersand.
The change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer’s application has been affected by the change.
For more information, see the Knowledgebase article "Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)" linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for python27-babel, python27-python, python27-python-jinja2, and python27-python-pygments is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n* python-pygments: ReDoS via crafted malicious input (CVE-2021-27291)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional information\n\n* Changes in the default separator for the Python urllib parsing functions\n\nTo mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (&) and semicolon (;) to only an ampersand.\n\nThe change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer’s application has been affected by the change.\n\nFor more information, see the Knowledgebase article \"Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)\" linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:3252", url: "https://access.redhat.com/errata/RHSA-2021:3252", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/articles/5860431", url: "https://access.redhat.com/articles/5860431", }, { category: "external", summary: "1889886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889886", }, { category: "external", summary: "1918168", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1918168", }, { category: "external", summary: "1922136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1922136", }, { category: "external", summary: "1928707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1928707", }, { category: "external", summary: "1928904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1928904", }, { category: "external", summary: "1940603", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1940603", }, { category: "external", summary: "1955615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1955615", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3252.json", }, ], title: "Red Hat Security Advisory: python27 security update", tracking: { current_release_date: "2025-03-15T21:35:43+00:00", generator: { date: "2025-03-15T21:35:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2021:3252", initial_release_date: "2021-08-24T13:06:56+00:00", revision_history: [ { date: "2021-08-24T13:06:56+00:00", number: "1", summary: "Initial version", }, { date: "2021-08-24T13:06:56+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-15T21:35:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, ], category: "product_family", name: "Red Hat Software Collections", }, { branches: [ { category: "product_version", name: "python27-python-pygments-0:1.5-5.el7.src", product: { name: "python27-python-pygments-0:1.5-5.el7.src", product_id: "python27-python-pygments-0:1.5-5.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-pygments@1.5-5.el7?arch=src", }, }, }, { category: "product_version", name: "python27-python-0:2.7.18-3.el7.src", product: { name: "python27-python-0:2.7.18-3.el7.src", product_id: "python27-python-0:2.7.18-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=src", }, }, }, { category: "product_version", name: "python27-python-jinja2-0:2.6-16.el7.src", product: { name: "python27-python-jinja2-0:2.6-16.el7.src", product_id: "python27-python-jinja2-0:2.6-16.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-jinja2@2.6-16.el7?arch=src", }, }, }, { category: "product_version", name: "python27-babel-0:0.9.6-10.el7.src", product: { name: "python27-babel-0:0.9.6-10.el7.src", product_id: "python27-babel-0:0.9.6-10.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/python27-babel@0.9.6-10.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python27-python-pygments-0:1.5-5.el7.noarch", product: { name: "python27-python-pygments-0:1.5-5.el7.noarch", product_id: "python27-python-pygments-0:1.5-5.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-pygments@1.5-5.el7?arch=noarch", }, }, }, { category: "product_version", name: "python27-python-jinja2-0:2.6-16.el7.noarch", product: { name: "python27-python-jinja2-0:2.6-16.el7.noarch", product_id: "python27-python-jinja2-0:2.6-16.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-jinja2@2.6-16.el7?arch=noarch", }, }, }, { category: "product_version", name: "python27-babel-0:0.9.6-10.el7.noarch", product: { name: "python27-babel-0:0.9.6-10.el7.noarch", product_id: "python27-babel-0:0.9.6-10.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python27-babel@0.9.6-10.el7?arch=noarch", }, }, }, { category: "product_version", name: "python27-python-babel-0:0.9.6-10.el7.noarch", product: { name: "python27-python-babel-0:0.9.6-10.el7.noarch", product_id: "python27-python-babel-0:0.9.6-10.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-babel@0.9.6-10.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python27-python-0:2.7.18-3.el7.x86_64", product: { name: "python27-python-0:2.7.18-3.el7.x86_64", product_id: "python27-python-0:2.7.18-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "python27-python-debug-0:2.7.18-3.el7.x86_64", product: { name: "python27-python-debug-0:2.7.18-3.el7.x86_64", product_id: "python27-python-debug-0:2.7.18-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "python27-python-devel-0:2.7.18-3.el7.x86_64", product: { name: "python27-python-devel-0:2.7.18-3.el7.x86_64", product_id: "python27-python-devel-0:2.7.18-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "python27-python-libs-0:2.7.18-3.el7.x86_64", product: { name: "python27-python-libs-0:2.7.18-3.el7.x86_64", product_id: "python27-python-libs-0:2.7.18-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "python27-python-test-0:2.7.18-3.el7.x86_64", product: { name: "python27-python-test-0:2.7.18-3.el7.x86_64", product_id: "python27-python-test-0:2.7.18-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "python27-python-tools-0:2.7.18-3.el7.x86_64", product: { name: "python27-python-tools-0:2.7.18-3.el7.x86_64", product_id: "python27-python-tools-0:2.7.18-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "python27-tkinter-0:2.7.18-3.el7.x86_64", product: { name: "python27-tkinter-0:2.7.18-3.el7.x86_64", product_id: "python27-tkinter-0:2.7.18-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", product: { name: "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", product_id: "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "python27-python-0:2.7.18-3.el7.s390x", product: { name: "python27-python-0:2.7.18-3.el7.s390x", product_id: "python27-python-0:2.7.18-3.el7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=s390x", }, }, }, { category: "product_version", name: "python27-python-debug-0:2.7.18-3.el7.s390x", product: { name: "python27-python-debug-0:2.7.18-3.el7.s390x", product_id: "python27-python-debug-0:2.7.18-3.el7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=s390x", }, }, }, { category: "product_version", name: "python27-python-devel-0:2.7.18-3.el7.s390x", product: { name: "python27-python-devel-0:2.7.18-3.el7.s390x", product_id: "python27-python-devel-0:2.7.18-3.el7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=s390x", }, }, }, { category: "product_version", name: "python27-python-libs-0:2.7.18-3.el7.s390x", product: { name: "python27-python-libs-0:2.7.18-3.el7.s390x", product_id: "python27-python-libs-0:2.7.18-3.el7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=s390x", }, }, }, { category: "product_version", name: "python27-python-test-0:2.7.18-3.el7.s390x", product: { name: "python27-python-test-0:2.7.18-3.el7.s390x", product_id: "python27-python-test-0:2.7.18-3.el7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=s390x", }, }, }, { category: "product_version", name: "python27-python-tools-0:2.7.18-3.el7.s390x", product: { name: "python27-python-tools-0:2.7.18-3.el7.s390x", product_id: "python27-python-tools-0:2.7.18-3.el7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=s390x", }, }, }, { category: "product_version", name: "python27-tkinter-0:2.7.18-3.el7.s390x", product: { name: "python27-tkinter-0:2.7.18-3.el7.s390x", product_id: "python27-tkinter-0:2.7.18-3.el7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=s390x", }, }, }, { category: "product_version", name: "python27-python-debuginfo-0:2.7.18-3.el7.s390x", product: { name: "python27-python-debuginfo-0:2.7.18-3.el7.s390x", product_id: "python27-python-debuginfo-0:2.7.18-3.el7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "python27-python-0:2.7.18-3.el7.ppc64le", product: { name: "python27-python-0:2.7.18-3.el7.ppc64le", product_id: "python27-python-0:2.7.18-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "python27-python-debug-0:2.7.18-3.el7.ppc64le", product: { name: "python27-python-debug-0:2.7.18-3.el7.ppc64le", product_id: "python27-python-debug-0:2.7.18-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "python27-python-devel-0:2.7.18-3.el7.ppc64le", product: { name: "python27-python-devel-0:2.7.18-3.el7.ppc64le", product_id: "python27-python-devel-0:2.7.18-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "python27-python-libs-0:2.7.18-3.el7.ppc64le", product: { name: "python27-python-libs-0:2.7.18-3.el7.ppc64le", product_id: "python27-python-libs-0:2.7.18-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "python27-python-test-0:2.7.18-3.el7.ppc64le", product: { name: "python27-python-test-0:2.7.18-3.el7.ppc64le", product_id: "python27-python-test-0:2.7.18-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "python27-python-tools-0:2.7.18-3.el7.ppc64le", product: { name: "python27-python-tools-0:2.7.18-3.el7.ppc64le", product_id: "python27-python-tools-0:2.7.18-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "python27-tkinter-0:2.7.18-3.el7.ppc64le", product: { name: "python27-tkinter-0:2.7.18-3.el7.ppc64le", product_id: "python27-tkinter-0:2.7.18-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", product: { name: "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", product_id: "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", }, product_reference: "python27-babel-0:0.9.6-10.el7.noarch", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", }, product_reference: "python27-babel-0:0.9.6-10.el7.src", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", }, product_reference: "python27-python-0:2.7.18-3.el7.src", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", }, product_reference: "python27-python-babel-0:0.9.6-10.el7.noarch", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-debug-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-debug-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-debug-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-debuginfo-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-devel-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-devel-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-devel-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", }, product_reference: "python27-python-jinja2-0:2.6-16.el7.noarch", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", }, product_reference: "python27-python-jinja2-0:2.6-16.el7.src", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-libs-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-libs-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-libs-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", }, product_reference: "python27-python-pygments-0:1.5-5.el7.noarch", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", }, product_reference: "python27-python-pygments-0:1.5-5.el7.src", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-test-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-test-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-test-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-tools-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-tools-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-tools-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-tkinter-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", }, product_reference: "python27-tkinter-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-tkinter-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7-7.7.Z", }, { category: "default_component_of", full_product_name: { name: "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", }, product_reference: "python27-babel-0:0.9.6-10.el7.noarch", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", }, product_reference: "python27-babel-0:0.9.6-10.el7.src", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", }, product_reference: "python27-python-0:2.7.18-3.el7.src", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", }, product_reference: "python27-python-babel-0:0.9.6-10.el7.noarch", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-debug-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-debug-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-debug-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-debuginfo-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-devel-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-devel-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-devel-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", }, product_reference: "python27-python-jinja2-0:2.6-16.el7.noarch", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", }, product_reference: "python27-python-jinja2-0:2.6-16.el7.src", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-libs-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-libs-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-libs-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", }, product_reference: "python27-python-pygments-0:1.5-5.el7.noarch", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", }, product_reference: "python27-python-pygments-0:1.5-5.el7.src", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-test-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-test-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-test-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-tools-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-tools-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-tools-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-tkinter-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", }, product_reference: "python27-tkinter-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-tkinter-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", }, product_reference: "python27-babel-0:0.9.6-10.el7.noarch", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", }, product_reference: "python27-babel-0:0.9.6-10.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", }, product_reference: "python27-python-0:2.7.18-3.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", }, product_reference: "python27-python-babel-0:0.9.6-10.el7.noarch", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-debug-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-debug-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-debug-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-debuginfo-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-devel-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-devel-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-devel-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", }, product_reference: "python27-python-jinja2-0:2.6-16.el7.noarch", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", }, product_reference: "python27-python-jinja2-0:2.6-16.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-libs-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-libs-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-libs-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", }, product_reference: "python27-python-pygments-0:1.5-5.el7.noarch", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", }, product_reference: "python27-python-pygments-0:1.5-5.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-test-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-test-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-test-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-python-tools-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", }, product_reference: "python27-python-tools-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-python-tools-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", }, product_reference: "python27-tkinter-0:2.7.18-3.el7.ppc64le", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", }, product_reference: "python27-tkinter-0:2.7.18-3.el7.s390x", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, { category: "default_component_of", full_product_name: { name: "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", }, product_reference: "python27-tkinter-0:2.7.18-3.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.7", }, ], }, vulnerabilities: [ { cve: "CVE-2020-27619", cwe: { id: "CWE-95", name: "Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", }, discovery_date: "2020-10-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1889886", }, ], notes: [ { category: "description", text: "In Python3's Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.", title: "Vulnerability description", }, { category: "summary", text: "python: Unsafe use of eval() on data retrieved via HTTP in the test suite", title: "Vulnerability summary", }, { category: "other", text: "As of Red Hat Quay 3.4 the python runtime will be consumed from RHEL. Currently releases up to 3.3 won't get fixes for this moderate issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-27619", }, { category: "external", summary: "RHBZ#1889886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1889886", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-27619", url: "https://www.cve.org/CVERecord?id=CVE-2020-27619", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-27619", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-27619", }, ], release_date: "2020-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-08-24T13:06:56+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:3252", }, { category: "workaround", details: "In versions of Python shipped with Red Hat Enterprise Linux and Red Hat Software Collections, the flaw can be mitigated by not running the python tests with network resources enabled. By default, the tests are not run with network resources enabled. Ensure that `-u network` or `-uall` are not passed as options to `python -m test`. For more information on how these commands work, see [1].\n\n1. https://docs.python.org/3/library/test.html", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: Unsafe use of eval() on data retrieved via HTTP in the test suite", }, { cve: "CVE-2020-28493", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-02-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1928707", }, ], notes: [ { category: "description", text: "A flaw was found in python-jinja2. The ReDOS vulnerability of the regex is mainly due to the sub-pattern [a-zA-Z0-9._-]+.[a-zA-Z0-9._-]+. This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory.", title: "Vulnerability description", }, { category: "summary", text: "python-jinja2: ReDoS vulnerability in the urlize filter", title: "Vulnerability summary", }, { category: "other", text: "This flaw is out of support scope for the following products:\n\n* Red Hat Enterprise Linux 6\n* Red Hat Enterprise Linux 7\n* Red Hat Ceph Storage 2\n\nTo learn more about Red Hat Enterprise Linux support scopes, please see https://access.redhat.com/support/policy/updates/errata/\n\nIn Red Hat OpenStack Platform, because python-jinja2 is not directly customer exposed, the Impact has been moved to Low and no updated will be provided at this time for the RHOSP python-jinja2 package.\n\nRed Hat Quay does not make use of the vulnerable function, so the impact is Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-28493", }, { category: "external", summary: "RHBZ#1928707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1928707", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-28493", url: "https://www.cve.org/CVERecord?id=CVE-2020-28493", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-28493", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-28493", }, ], release_date: "2021-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-08-24T13:06:56+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:3252", }, { category: "workaround", details: "If using the jinja2 library as a developer, this flaw can be mitigated by not using the vulnerable urlize() filter, and instead, using Markdown to format user content.", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-jinja2: ReDoS vulnerability in the urlize filter", }, { cve: "CVE-2021-3177", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, discovery_date: "2021-01-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1918168", }, ], notes: [ { category: "description", text: "A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack and crash the application. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c", title: "Vulnerability summary", }, { category: "other", text: "This flaw could have had a higher Impact, however our packages are compiled with FORTIFY_SOURCE, which provides runtime protection to some memory and string functions and prevents this flaw from actually overwriting the buffer and potentially executing code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3177", }, { category: "external", summary: "RHBZ#1918168", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1918168", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3177", url: "https://www.cve.org/CVERecord?id=CVE-2021-3177", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3177", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3177", }, ], release_date: "2021-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-08-24T13:06:56+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:3252", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c", }, { cve: "CVE-2021-20095", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2021-04-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1955615", }, ], notes: [ { category: "description", text: "A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", title: "Vulnerability description", }, { category: "summary", text: "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code", title: "Vulnerability summary", }, { category: "other", text: "It is rather uncommon for applications to use Babel.Locale() with an untrusted attacker-controlled language argument. A static language abbreviation string (e.g. \"en\") is most commonly used instead. For this reason, this flaw has been rated as having a security impact of Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20095", }, { category: "external", summary: "RHBZ#1955615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1955615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20095", url: "https://www.cve.org/CVERecord?id=CVE-2021-20095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20095", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20095", }, { category: "external", summary: "https://www.tenable.com/security/research/tra-2021-14", url: "https://www.tenable.com/security/research/tra-2021-14", }, ], release_date: "2021-04-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-08-24T13:06:56+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:3252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code", }, { cve: "CVE-2021-20270", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2021-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1922136", }, ], notes: [ { category: "description", text: "An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the \"exception\" keyword.", title: "Vulnerability description", }, { category: "summary", text: "python-pygments: Infinite loop in SML lexer may lead to DoS", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform 3.11, the vulnerable version of python-pygments is embedded in the google-cloud-sdk package, which is shipped in the openshift-ansible container (aos3-installation-container). As the access to the openshift-ansible container is restricted only to cluster administrators, this component is affected but with a Low impact. The google-cloud-sdk package was shipped in OpenShift Container Platform 4.1, which is End of Life.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20270", }, { category: "external", summary: "RHBZ#1922136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1922136", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20270", url: "https://www.cve.org/CVERecord?id=CVE-2021-20270", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20270", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20270", }, ], release_date: "2020-12-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-08-24T13:06:56+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:3252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-pygments: Infinite loop in SML lexer may lead to DoS", }, { cve: "CVE-2021-23336", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2021-02-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1928904", }, ], notes: [ { category: "description", text: "The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.", title: "Vulnerability description", }, { category: "summary", text: "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters", title: "Vulnerability summary", }, { category: "other", text: "The python36 component in the python36:3.6 module in Red Hat Enterprise Linux 8 is listed as not affected, as it does not contain Python interpreter or libraries. Packages of the python36 component only provide convenient links to the Python interpreter included in the non-modular python3 component's platform-python packages. Users of python36:3.6 module also need to check the entry for the python3 component to determine if their systems are affected.\n\nRed Hat Ceph Storage (RHCS) 3 ships an older version of python-django without the directly affected function, but which is still vulnerable to a similar attack involving the semi colon separator. Hence, impact has been rated as Low.\n\nAlthough Red Hat OpenStack Platform 13 & 16.1 both ship the affected code, since the proxy is controlled and configured by OpenStack, the impact has been lowered to Low. As a fix would require a substantial effort or commitment of time, no fix will be provided at this time.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-23336", }, { category: "external", summary: "RHBZ#1928904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1928904", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-23336", url: "https://www.cve.org/CVERecord?id=CVE-2021-23336", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-23336", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-23336", }, { category: "external", summary: "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933", url: "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933", }, ], release_date: "2021-02-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-08-24T13:06:56+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:3252", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters", }, { cve: "CVE-2021-27291", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-03-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1940603", }, ], notes: [ { category: "description", text: "A denial of service attack was discovered against pygments. Some of the regular expressions used to tokenise source code for highlighting have exponential complexity. A specially crafted input file could cause pygments to take effectively infinite time to parse, consuming CPU resources and denying access to the service.", title: "Vulnerability description", }, { category: "summary", text: "python-pygments: ReDoS in multiple lexers", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-27291", }, { category: "external", summary: "RHBZ#1940603", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1940603", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-27291", url: "https://www.cve.org/CVERecord?id=CVE-2021-27291", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-27291", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-27291", }, ], release_date: "2021-01-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-08-24T13:06:56+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:3252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-pygments: ReDoS in multiple lexers", }, { cve: "CVE-2021-42771", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2021-04-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1955615", }, ], notes: [ { category: "description", text: "A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", title: "Vulnerability description", }, { category: "summary", text: "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code", title: "Vulnerability summary", }, { category: "other", text: "It is rather uncommon for applications to use Babel.Locale() with an untrusted attacker-controlled language argument. A static language abbreviation string (e.g. \"en\") is most commonly used instead. For this reason, this flaw has been rated as having a security impact of Moderate.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-42771", }, { category: "external", summary: "RHBZ#1955615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1955615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-42771", url: "https://www.cve.org/CVERecord?id=CVE-2021-42771", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-42771", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-42771", }, { category: "external", summary: "https://www.tenable.com/security/research/tra-2021-14", url: "https://www.tenable.com/security/research/tra-2021-14", }, ], release_date: "2021-04-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-08-24T13:06:56+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:3252", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.