CVE-2023-43804 affecting package python-urllib3 for versions less than 2.0.7-1. An upgraded version of the package is available that resolves this issue.

OSVersionArchitecturePackageVersionFilename
Azure Linux3.0allpython-urllib3< 2.0.7-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Azure Linux	3.0	all	python-urllib3	< 2.0.7-1	UNKNOWN

osv 19

nessus 69

f5 1

openvas 30

almalinux 6

debiancve 1

ibm 23

cve 1

rocky 1

prion 1

oraclelinux 6

redhat 18

github 1

cbl_mariner 1

wolfi 1

fedora 3

redos 2

cvelist 1

cgr 1

githubexploit 2

alpinelinux 1

ubuntucve 1

veracode 1

nvd 1

redhatcve 1

aix 1

photon 2

ubuntu 2

cloudfoundry 1

osv

CGA-7c9w-c64m-rwq2

2024-06-06 12:24:55

Moderate: python3.11-urllib3 security update

2024-04-30 00:00:00

`Cookie` HTTP header isn't stripped on cross-origin redirects

2023-10-02 23:27:05

nessus

EulerOS 2.0 SP11 : python-pip (EulerOS-SA-2024-2110)

2024-08-08 00:00:00

EulerOS 2.0 SP9 : python-pip (EulerOS-SA-2023-3315)

2024-01-16 00:00:00

EulerOS 2.0 SP9 : python-urllib3 (EulerOS-SA-2023-3316)

2024-01-16 00:00:00

K000138600 : Python vulnerability CVE-2023-43804

2024-02-13 00:00:00

openvas

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2023-3348)

2023-12-12 00:00:00

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2024-1046)

2024-01-05 00:00:00

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2024-2186)

2024-08-20 00:00:00

almalinux

Moderate: python3.11-urllib3 security update

2024-05-22 00:00:00

Moderate: python3.11-urllib3 security update

2024-04-30 00:00:00

Moderate: python-urllib3 security update

2024-01-25 00:00:00

debiancve

CVE-2023-43804

2023-10-04 17:15:10

ibm

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to urllib3 sensitive information discolsure vulnerabilitiy [ CVE-2023-43804]

2024-02-05 19:46:45

Security Bulletin: IBM Maximo Application Suite uses urllib3-1.26.14-py2.py3-none-any.whl which is vulnerable to CVE-2023-43804.

2024-02-06 09:07:10

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in urllib3-1.26.16-py2.py3-none-any.whl

2024-03-28 11:47:35

cve

CVE-2023-43804

2023-10-04 17:15:10

rocky

python3.11-urllib3 security update

2024-06-14 13:59:30

prion

Information disclosure

2023-10-04 17:15:00

oraclelinux

python3.11-urllib3 security update

2024-05-02 00:00:00

python3.11-urllib3 security update

2024-05-23 00:00:00

fence-agents security update

2023-12-18 00:00:00

redhat

(RHSA-2024:2159) Moderate: python3.11-urllib3 security update

2024-04-30 06:14:54

(RHSA-2024:2986) Moderate: python3.11-urllib3 security update

2024-05-22 06:35:16

(RHSA-2024:0187) Moderate: Red Hat OpenStack Platform 17.1 (python-urllib3) security update

2024-01-16 14:14:01

github

`Cookie` HTTP header isn't stripped on cross-origin redirects

2023-10-02 23:27:05

cbl_mariner

CVE-2023-43804 affecting package python-urllib3 for versions less than 1.26.18-1

2023-11-08 02:07:28

wolfi

CVE-2023-43804 vulnerabilities

2024-09-20 21:14:10

fedora

[SECURITY] Fedora 37 Update: python-urllib3-1.26.17-1.fc37

2023-10-13 01:33:52

[SECURITY] Fedora 38 Update: python-urllib3-1.26.17-1.fc38

2023-10-11 01:37:16

[SECURITY] Fedora 39 Update: python-urllib3-1.26.18-1.fc39

2023-11-03 19:01:21

redos

ROS-20240405-02

2024-04-05 00:00:00

ROS-20240412-04

2024-04-12 00:00:00

cvelist

CVE-2023-43804 `Cookie` HTTP header isn't stripped on cross-origin redirects

2023-10-04 16:01:50

cgr

CVE-2023-43804 vulnerabilities

2024-05-19 03:07:16

githubexploit

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Python Urllib3

2023-10-13 06:15:45

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Python Urllib3

2023-10-13 06:15:45

alpinelinux

CVE-2023-43804

2023-10-04 17:15:10

ubuntucve

CVE-2023-43804

2023-10-04 00:00:00

veracode

Information Disclosure

2023-10-06 12:09:49

nvd

CVE-2023-43804

2023-10-04 17:15:10

redhatcve

CVE-2023-43804

2023-10-10 04:25:25

aix

AIX is affected by multiple vulnerabilities due to Python

2023-12-21 08:42:03

photon

Important Photon OS Security Update - PHSA-2023-4.0-0519

2023-11-23 00:00:00

Important Photon OS Security Update - PHSA-2023-5.0-0155

2023-11-25 00:00:00

ubuntu

pip vulnerabilities

2023-11-15 00:00:00

urllib3 vulnerabilities

2023-11-07 00:00:00

cloudfoundry

USN-6473-1: urllib3 vulnerabilities | Cloud Foundry

2023-11-09 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

39.2%

JSON

Related for CBLMARINER:35444