176 matches found
MiracleLinux 9 : python-urllib3-1.26.5-3.el9_3.1 (AXSA:2024-7481:02)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7481:02 advisory. python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 urllib3: Request body not stripped after redirect...
MiracleLinux 8 : python3.11-urllib3-1.26.12-2.el8 (AXSA:2024-8336:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8336:02 advisory. python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 Tenable has extracted the preceding description block...
MiracleLinux 9 : python3.11-urllib3-1.26.12-2.el9 (AXSA:2024-7978:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7978:01 advisory. python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 Tenable has extracted the preceding description block...
Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)[CVE-2023-43804, CVE-2023-45803]
Summary The urllib3 package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEsCVE-2023-43804, CVE-2023-45803 Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3...
NewStart CGSL MAIN 7.02 : python-urllib3 Multiple Vulnerabilities (NS-SA-2025-0157)
The remote NewStart CGSL host, running version MAIN 7.02, has python-urllib3 packages installed that are affected by multiple vulnerabilities: - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing...
TencentOS Server 3: python3.11-urllib3 (TSSA-2024:0185)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0185 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 3: python-urllib3 (TSSA-2024:0017)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0017 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: python27:2.7 (TSSA-2024:0777)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0777 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities
Summary QRadar Suite Software includes components with known vulnerabilities. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide...
Alibaba Cloud Linux 3 : 0182: python-urllib3 (ALINUX3-SA-2024:0182)
The remote Alibaba Cloud Linux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0182 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-43804: urllib3 is a user-friendly...
Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-43804, CVE-2023-45803].
Summary The urllib3 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-43804, CVE-2023-45803. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3...
Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-43804].
Summary The urllib3 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-43804. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive information,...
CVE-2023-43804 affecting package python3 for versions less than 3.9.19-13
CVE-2023-43804 affecting package python3 for versions less than 3.9.19-13. A patched version of the package is available...
Security Bulletin: IBM Maximo Application Suite - IoT uses multiple dependencies which is vulnerable to CVEs.
Summary IBM Maximo Application Suite - IoT uses pip-9.0.3.dist-info, urllib3-1.24.2-py3.6.egg-info, setuptools-39.2.0.dist-info which is vulnerable to CVE-2019-20916, CVE-2023-43804, CVE-2024-6345. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Detai...
Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.
Summary Multiple vulnerabilities were addressed in IBM Concert Software version 1.0.5 Vulnerability Details CVEID:CVE-2023-39326 DESCRIPTION: Golang Go could allow a remote attacker to obtain sensitive information, caused by a flaw in the net/http package. By sending a specially crafted HTTP...
Azure Linux 3.0 Security Update: python-urllib3 / python3 (CVE-2023-43804)
The version of python-urllib3 / python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43804 advisory. - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cooki...
Debian: Security Advisory (DLA-3998-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3998 : python3-urllib3 - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3998 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3998-1 [email protected]...
Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to python - urllib3
Summary IBM Sterling Connect:Direct Web Service uses python - urllib3 ,urllib3 could allow a remote authenticated attacker to obtain sensitive information, caused by the failure to strip the Proxy-Authorization header during cross-origin redirects. Vulnerability Details CVEID:CVE-2024-37891...
Security Bulletin: A vulnerability in Python affects IBM Robotic Process Automation and could allow a remote authenticated attacker to obtain sensitive information (CVE-2023-43804).
Summary A vulnerability in Python affects IBM Robotic Process Automation and could allow a remote authenticated attacker to obtain sensitive information CVE-2023-43804. IBM Robotic Process Automation uses Python as part of NLP and Abbyy. This security bulletin identifies the fixes that are requir...