Lucene search
K

python-urllib3: Cookie request header isn't stripped during cross-origin redirects

🗓️ 07 Feb 2024 20:46:32Reported by RedHatType 
redhat
 redhat
🔗 access.redhat.com👁 4 Views

Flaw in urllib3 allows Cookie header to be leaked on cross-origin redirects if redirects are not disabled.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM InfoSphere Information Server is affected by urllib3 vulnerability (CVE-2023-43804)
29 Nov 202304:36
ibm
IBM Security Bulletins
Security Bulletin: IBM Spectrum Symphony provides upgraded software packages to address known CVEs
31 Jan 202402:01
ibm
IBM Security Bulletins
Security Bulletin: A vulnerability in Python affects IBM Robotic Process Automation and could allow a remote authenticated attacker to obtain sensitive information (CVE-2023-43804).
2 Dec 202415:55
ibm
IBM Security Bulletins
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in urllib3-1.26.16-py2.py3-none-any.whl
28 Mar 202411:47
ibm
IBM Security Bulletins
Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities
30 Aug 202413:25
ibm
IBM Security Bulletins
Security Bulletin: multiple vulnerabilities in IBM Spectrum Symphony with Requests and urlib3
23 Oct 202520:25
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in urllib3 affects IBM Integrated Analytics System [CVE-2023-43804, CVE-2021-33503].
15 Oct 202409:46
ibm
IBM Security Bulletins
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
15 Apr 202503:04
ibm
IBM Security Bulletins
Security Bulletin: IBM Spectrum Conductor provides upgraded software packages to address known CVEs
31 Jan 202402:03
ibm
IBM Security Bulletins
Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities
3 Jun 202511:35
ibm
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux8aarch64automation-controller-venv-tower0:4.5.1-1.el8apautomation-controller-venv-tower-0:4.5.1-1.el8ap.aarch64.rpm
Red Hat Enterprise Linux8ppc64leautomation-controller-venv-tower0:4.5.1-1.el8apautomation-controller-venv-tower-0:4.5.1-1.el8ap.ppc64le.rpm
Red Hat Enterprise Linux8s390xautomation-controller-venv-tower0:4.5.1-1.el8apautomation-controller-venv-tower-0:4.5.1-1.el8ap.s390x.rpm
Red Hat Enterprise Linux8x86_64automation-controller-venv-tower0:4.5.1-1.el8apautomation-controller-venv-tower-0:4.5.1-1.el8ap.x86_64.rpm
Red Hat Enterprise Linux9aarch64automation-controller-venv-tower0:4.5.1-1.el9apautomation-controller-venv-tower-0:4.5.1-1.el9ap.aarch64.rpm
Red Hat Enterprise Linux9ppc64leautomation-controller-venv-tower0:4.5.1-1.el9apautomation-controller-venv-tower-0:4.5.1-1.el9ap.ppc64le.rpm
Red Hat Enterprise Linux9s390xautomation-controller-venv-tower0:4.5.1-1.el9apautomation-controller-venv-tower-0:4.5.1-1.el9ap.s390x.rpm
Red Hat Enterprise Linux9x86_64automation-controller-venv-tower0:4.5.1-1.el9apautomation-controller-venv-tower-0:4.5.1-1.el9ap.x86_64.rpm

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 Jul 2026 01:57Current
6.8Medium risk
Vulners AI Score6.8
CVSS 3.15.9 - 8.1
EPSS0.01207
4