Lucene search

K
redhatRedHatRHSA-2024:2986
HistoryMay 22, 2024 - 6:35 a.m.

(RHSA-2024:2986) Moderate: python3.11-urllib3 security update

2024-05-2206:35:16
access.redhat.com
6
rhsa-2024
moderate
python-urllib3
security
update
cve-2023-43804
red hat enterprise linux 8.10

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

36.2%

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities.

Security Fix(es):

  • python-urllib3: Cookie request header isn’t stripped during cross-origin redirects (CVE-2023-43804)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8noarchpython3.11-urllib3< 1.26.12-2.el8python3.11-urllib3-1.26.12-2.el8.noarch.rpm