24 matches found
SUSE-SU-2026:2703-1 Security update for curl
This update for curl fixes the following issues - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-5773: wrong reuse of SMB connection bsc1262633. - CVE-2026-6253: proxy credentials leak over...
SUSE-SU-2026:22156-1 Security update for curl
This update for curl fixes the following issues: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. - CVE-2026-6276: stale custom...
CVE-2026-6429 netrc credential leak with reused proxy connection
When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances...
Security update for curl
This update for curl fixes the following issues: Security issues fixed: CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. CVE-2026-6276:...
SUSE-SU-2026:1717-1 Security update for curl
This update for curl fixes the following issues: Security issues fixed: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. -...
SUSE-SU-2026:21452-1 Security update for curl
This update for curl fixes the following issues: Security issues fixed: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. -...
Security update for curl
This update for curl fixes the following issues: CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. CVE-2026-3783: token leak with redirect and netrc bsc1259363. CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. Patch Instructions: To install this SUSE update...
EulerOS 2.0 SP10 : python-requests (EulerOS-SA-2025-2110)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for...
RLSA-2025:14750 Moderate: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: requests: Requests vulnerable to .netrc credentials leak via malicious...
RHEL 8 : fence-agents (RHSA-2025:14750)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14750 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...
SUSE-SU-2025:02371-1 Security update for python-requests
This update for python-requests fixes the following issues: - CVE-2024-47081: fixed netrc credential leak bsc1244039...
Security update for python-requests
This update for python-requests fixes the following issues: CVE-2024-47081: fixes netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
SUSE SLED15 / SLES15 Security Update : python-requests (SUSE-SU-2025:01998-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:01998-1 advisory. - CVE-2024-47081: fixed netrc credential leak bsc1244039. Tenable has extracted the preceding description block direct...
SUSE SLES12 Security Update : python3-requests (SUSE-SU-2025:01997-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01997-1 advisory. - CVE-2024-47081: fixes netrc credential leak bsc1244039. Tenable has extracted the preceding description block directly from the SUSE security...
Medium: python-requests
Issue Overview: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc...
Medium: python-requests
Issue Overview: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc...
Security update for python-requests
This update for python-requests fixes the following issues: CVE-2024-47081: fixed netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
SUSE-SU-2025:01998-1 Security update for python-requests
This update for python-requests fixes the following issues: - CVE-2024-47081: fixed netrc credential leak bsc1244039...
Security update for python3-requests
This update for python3-requests fixes the following issues: CVE-2024-47081: fixes netrc credential leak bsc1244039. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
CVE-2024-47081 Requests vulnerable to .netrc credentials leak via malicious URLs
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be...