RedHatRHSA-2024:2734

HistoryMay 22, 2024 - 8:31 p.m.

(RHSA-2024:2734) Moderate: Red Hat OpenStack Platform 17.1 (python-urllib3) security update

Vulners
Redhat
(RHSA-2024:2734) Moderate: Red Hat OpenStack Platform 17.1 (python-urllib3) security update

2024-05-2220:31:21

access.redhat.com

red hat

openstack

security update

python-urllib3

redirect vulnerability

cvss score

cve page

http module

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.9%

JSON

Python HTTP module with connection pooling and file POST abilities.

Security Fix(es):

Request body not stripped after redirect from 303 status changes request
method to GET (CVE-2023-45803)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8noarchpython3-urllib3< 1.25.10-6.el8ostpython3-urllib3-1.25.10-6.el8ost.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	noarch	python3-urllib3	< 1.25.10-6.el8ost	python3-urllib3-1.25.10-6.el8ost.noarch.rpm

cve 1

osv 12

fedora 3

nessus 44

ibm 21

openvas 20

alpinelinux 1

cbl_mariner 1

amazon 1

nvd 1

redos 1

github 1

wolfi 1

ubuntucve 1

prion 1

veracode 1

debiancve 1

cgr 1

cvelist 1

redhatcve 1

redhat 26

almalinux 5

photon 1

oraclelinux 5

ubuntu 2

cloudfoundry 1

rocky 1

hp 2

oracle 1

cve

CVE-2023-45803

2023-10-17 20:15:10

osv

urllib3's request body not stripped after redirect from 303 status changes request method to GET

2023-10-17 20:15:25

CVE-2023-45803

2023-10-17 20:15:10

python-urllib3 - security update

2023-11-08 00:00:00

fedora

[SECURITY] Fedora 38 Update: python-urllib3-1.26.18-1.fc38

2023-10-21 01:30:09

[SECURITY] Fedora 37 Update: python-urllib3-1.26.18-1.fc37

2023-11-03 01:10:53

[SECURITY] Fedora 39 Update: python-urllib3-1.26.18-1.fc39

2023-11-03 19:01:21

nessus

SUSE SLED12 / SLES12 Security Update : python-urllib3 (SUSE-SU-2023:4468-1)

2023-11-17 00:00:00

Fedora 37 : python-urllib3 (2023-dede912109)

2023-11-03 00:00:00

RHEL 8 : Red Hat OpenStack Platform 17.1 (python-urllib3) (RHSA-2024:2734)

2024-05-22 00:00:00

ibm

Security Bulletin: urllib3 is vulnerable to CVE-2023-45803 used in IBM Maximo Application Suite - Monitor Component

2024-02-27 16:20:30

Security Bulletin: Vulnerability in urllib3 affects IBM Process Mining CVE-2023-45803

2024-01-05 16:45:02

Security Bulletin: IBM Spectrum Conductor with urllib3 could allow a remote authenticated attacker to obtain sensitive information

2024-02-28 15:45:02

openvas

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-1185)

2024-02-09 00:00:00

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-1205)

2024-02-09 00:00:00

Fedora: Security Advisory for python-urllib3 (FEDORA-2023-932b0c86f4)

2023-10-22 00:00:00

alpinelinux

CVE-2023-45803

2023-10-17 20:15:10

cbl_mariner

CVE-2023-45803 affecting package python-urllib3 for versions less than 1.26.18-1

2023-11-08 02:07:28

amazon

Medium: python-urllib3

2024-01-03 21:04:00

nvd

CVE-2023-45803

2023-10-17 20:15:10

redos

ROS-20240403-11

2024-04-03 00:00:00

github

urllib3's request body not stripped after redirect from 303 status changes request method to GET

2023-10-17 20:15:25

wolfi

CVE-2023-45803 vulnerabilities

2024-06-25 03:08:26

ubuntucve

CVE-2023-45803

2023-10-17 00:00:00

prion

Design/Logic Flaw

2023-10-17 20:15:00

veracode

Information Disclosure

2023-10-19 07:19:20

debiancve

CVE-2023-45803

2023-10-17 20:15:10

cgr

CVE-2023-45803 vulnerabilities

2024-05-19 03:07:16

cvelist

CVE-2023-45803 Request body not stripped after redirect in urllib3

2023-10-17 19:43:45

redhatcve

CVE-2023-45803

2023-10-29 14:55:37

redhat

(RHSA-2024:0588) Moderate: python-urllib3 security update

2024-01-30 12:53:27

(RHSA-2024:2952) Moderate: resource-agents security and bug fix update

2024-05-22 06:35:10

(RHSA-2024:0464) Moderate: python-urllib3 security update

2024-01-24 14:41:03

almalinux

Moderate: resource-agents security and bug fix update

2024-05-22 00:00:00

Moderate: python-urllib3 security update

2024-01-25 00:00:00

Moderate: python-urllib3 security update

2024-01-10 00:00:00

photon

Moderate Photon OS Security Update - PHSA-2024-5.0-0211

2024-02-16 00:00:00

oraclelinux

python-urllib3 security update

2024-01-10 00:00:00

python-urllib3 security update

2024-01-25 00:00:00

fence-agents security and bug fix update

2024-05-02 00:00:00

ubuntu

pip vulnerabilities

2023-11-15 00:00:00

urllib3 vulnerabilities

2023-11-07 00:00:00

cloudfoundry

USN-6473-1: urllib3 vulnerabilities | Cloud Foundry

2023-11-09 00:00:00

rocky

fence-agents security and bug fix update

2024-06-14 13:59:30

HP ThinPro 8.1 SP 2 Security Updates

2024-04-12 00:00:00

HP ThinPro 8.0 SP 8 Security Updates

2024-03-01 00:00:00

oracle

Oracle Critical Patch Update Advisory - April 2024

2024-04-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

(RHSA-2024:2734) Moderate: Red Hat OpenStack Platform 17.1 (python-urllib3) security update

Related