ROOT-APP-PYPI-CVE-2023-43804 CVE-2023-43804 in rootio-urllib3 - Patched by Root

Root has patched CVE-2023-43804 in the rootio-urllib3 package for Root:PyPI. Multiple fixed versions available...

MiracleLinux 9 : python-urllib3-1.26.5-3.el9_3.1 (AXSA:2024-7481:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7481:02 advisory. python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 urllib3: Request body not stripped after redirect...

MiracleLinux 9 : python3.11-urllib3-1.26.12-2.el9 (AXSA:2024-7978:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7978:01 advisory. python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 Tenable has extracted the preceding description block...

MiracleLinux 8 : python3.11-urllib3-1.26.12-2.el8 (AXSA:2024-8336:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8336:02 advisory. python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 Tenable has extracted the preceding description block...

Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)[CVE-2023-43804, CVE-2023-45803]

Summary The urllib3 package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEsCVE-2023-43804, CVE-2023-45803 Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3...

com.liferay:com.liferay.calendar.service (>=2.2.0 <=2.5.7), com.liferay:com.liferay.document.library.service (>=1.0.0 <=2.0.6) +10 more potentially affected by CVE-2025-43804 via com.liferay:com.liferay.portal.search (>=1.0.0 <=8.0.113)

com.liferay:com.liferay.portal.search MAVEN version =1.0.0, =2.2.0, =1.0.0, =1.1.29, =1.1.0, =1.0.0, =1.0.10, =3.4.9, =1.0.0, =2.0.5, =1.0.0, =1.2.2, =2.1.2, =2.1.11 Source cves: CVE-2025-43804 Source advisory: OSV:GHSA-CCRC-5VP5-VP5J...

Linux Distros Unpatched Vulnerability : CVE-2023-43804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over...

NewStart CGSL MAIN 7.02 : python-urllib3 Multiple Vulnerabilities (NS-SA-2025-0157)

The remote NewStart CGSL host, running version MAIN 7.02, has python-urllib3 packages installed that are affected by multiple vulnerabilities: - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing...

TencentOS Server 3: python-urllib3 (TSSA-2024:0017)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0017 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: python27:2.7 (TSSA-2024:0777)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0777 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: python3.11-urllib3 (TSSA-2024:0185)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0185 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide...

Alibaba Cloud Linux 3 : 0182: python-urllib3 (ALINUX3-SA-2024:0182)

The remote Alibaba Cloud Linux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0182 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-43804: urllib3 is a user-friendly...

Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-43804, CVE-2023-45803].

Summary The urllib3 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-43804, CVE-2023-45803. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3...

Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-43804].

Summary The urllib3 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-43804. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive information,...

CVE-2023-43804 affecting package python3 for versions less than 3.9.19-13

CVE-2023-43804 affecting package python3 for versions less than 3.9.19-13. A patched version of the package is available...

Security Bulletin: IBM Maximo Application Suite - IoT uses multiple dependencies which is vulnerable to CVEs.

Summary IBM Maximo Application Suite - IoT uses pip-9.0.3.dist-info, urllib3-1.24.2-py3.6.egg-info, setuptools-39.2.0.dist-info which is vulnerable to CVE-2019-20916, CVE-2023-43804, CVE-2024-6345. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Detai...

Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.

Summary Multiple vulnerabilities were addressed in IBM Concert Software version 1.0.5 Vulnerability Details CVEID:CVE-2023-39326 DESCRIPTION: Golang Go could allow a remote attacker to obtain sensitive information, caused by a flaw in the net/http package. By sending a specially crafted HTTP...

Azure Linux 3.0 Security Update: python-urllib3 / python3 (CVE-2023-43804)

The version of python-urllib3 / python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43804 advisory. - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cooki...

Debian: Security Advisory (DLA-3998-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...