Lucene search
K

24 matches found

OSV
OSV
added 2026/06/30 10:27 a.m.5 views

SUSE-SU-2026:2703-1 Security update for curl

This update for curl fixes the following issues - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-5773: wrong reuse of SMB connection bsc1262633. - CVE-2026-6253: proxy credentials leak over...

7.5CVSS7.1AI score0.00639EPSS
Exploits6References13
OSV
OSV
added 2026/06/17 8:57 a.m.2 views

SUSE-SU-2026:22156-1 Security update for curl

This update for curl fixes the following issues: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. - CVE-2026-6276: stale custom...

7.5CVSS5.8AI score0.00639EPSS
Exploits5References11
Vulnrichment
Vulnrichment
added 2026/05/13 8:28 a.m.7 views

CVE-2026-6429 netrc credential leak with reused proxy connection

When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances...

5.8AI score0.00519EPSS
Exploits1References3
SUSE Linux
SUSE Linux
added 2026/05/06 12:14 p.m.12 views

Security update for curl

This update for curl fixes the following issues: Security issues fixed: CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. CVE-2026-6276:...

8.3CVSS7AI score0.00639EPSS
Exploits5References24
OSV
OSV
added 2026/05/06 12:13 p.m.10 views

SUSE-SU-2026:1717-1 Security update for curl

This update for curl fixes the following issues: Security issues fixed: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. -...

7.5CVSS7.1AI score0.00639EPSS
Exploits5References13
OSV
OSV
added 2026/04/30 2:46 p.m.4 views

SUSE-SU-2026:21452-1 Security update for curl

This update for curl fixes the following issues: Security issues fixed: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. -...

7.5CVSS7.1AI score0.00639EPSS
Exploits5References13
SUSE Linux
SUSE Linux
added 2026/03/18 8:52 a.m.7 views

Security update for curl

This update for curl fixes the following issues: CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. CVE-2026-3783: token leak with redirect and netrc bsc1259363. CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. Patch Instructions: To install this SUSE update...

7.5CVSS5.7AI score0.00333EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

EulerOS 2.0 SP10 : python-requests (EulerOS-SA-2025-2110)

According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for...

5.3CVSS7AI score0.00846EPSS
Exploits1References2
OSV
OSV
added 2025/09/08 2:19 p.m.3 views

RLSA-2025:14750 Moderate: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: requests: Requests vulnerable to .netrc credentials leak via malicious...

5.3CVSS7AI score0.00846EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.6 views

RHEL 8 : fence-agents (RHSA-2025:14750)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14750 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...

5.3CVSS7AI score0.00846EPSS
Exploits1References5
OSV
OSV
added 2025/07/18 12:42 p.m.3 views

SUSE-SU-2025:02371-1 Security update for python-requests

This update for python-requests fixes the following issues: - CVE-2024-47081: fixed netrc credential leak bsc1244039...

5.3CVSS6.7AI score0.00846EPSS
Exploits1References3
SUSE Linux
SUSE Linux
added 2025/07/02 3:15 p.m.3 views

Security update for python-requests

This update for python-requests fixes the following issues: CVE-2024-47081: fixes netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

8.2CVSS7.8AI score0.00846EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/06/27 12:0 a.m.3 views

SUSE SLED15 / SLES15 Security Update : python-requests (SUSE-SU-2025:01998-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:01998-1 advisory. - CVE-2024-47081: fixed netrc credential leak bsc1244039. Tenable has extracted the preceding description block direct...

5.3CVSS7AI score0.00846EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/06/27 12:0 a.m.4 views

SUSE SLES12 Security Update : python3-requests (SUSE-SU-2025:01997-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01997-1 advisory. - CVE-2024-47081: fixes netrc credential leak bsc1244039. Tenable has extracted the preceding description block directly from the SUSE security...

5.3CVSS7AI score0.00846EPSS
Exploits1References4
Amazon
Amazon
added 2025/06/24 12:0 a.m.6 views

Medium: python-requests

Issue Overview: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc...

5.3CVSS7AI score0.00846EPSS
Exploits1
Amazon
Amazon
added 2025/06/24 12:0 a.m.10 views

Medium: python-requests

Issue Overview: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc...

5.3CVSS6.6AI score0.00846EPSS
Exploits1
SUSE Linux
SUSE Linux
added 2025/06/18 8:42 a.m.2 views

Security update for python-requests

This update for python-requests fixes the following issues: CVE-2024-47081: fixed netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

8.2CVSS7.8AI score0.00846EPSS
Exploits1References4
OSV
OSV
added 2025/06/18 8:42 a.m.3 views

SUSE-SU-2025:01998-1 Security update for python-requests

This update for python-requests fixes the following issues: - CVE-2024-47081: fixed netrc credential leak bsc1244039...

5.3CVSS6.7AI score0.00846EPSS
Exploits1References3
SUSE Linux
SUSE Linux
added 2025/06/18 8:41 a.m.2 views

Security update for python3-requests

This update for python3-requests fixes the following issues: CVE-2024-47081: fixes netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

8.2CVSS7.3AI score0.00846EPSS
Exploits1References4
OSV
OSV
added 2025/06/09 5:57 p.m.5 views

CVE-2024-47081 Requests vulnerable to .netrc credentials leak via malicious URLs

Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be...

5.3CVSS6.2AI score0.00846EPSS
Exploits1References12
Rows per page
Query Builder