ROS-20250806-11

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of registration data. inadequate protection of login credentials. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to...

[SECURITY] Fedora 42 Update: python-requests-2.32.4-1.fc42

Most existing Python modules for sending HTTP requests are extremely verbose and cumbersome. Python=E2=80=99s built-in urllib2 module provides most of the HTTP capabilities you should need, but the API is thoroughly broken. This library is designed to make HTTP requests easy for developers...

ROS-20250703-11

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to the fact that the library passes .netrc credentials to third parties for certain malicious URLs. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data...

ROS-20250703-12

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to the fact that the library passes .netrc credentials to third parties for certain malicious URLs. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data...

The vulnerability of the Python Requests HTTP request library, related to incorrect implementation of control flow management, allows attackers to access confidential data.

The vulnerability of the Python Requests HTTP request library is related to incorrect implementation of the control flow. Exploiting this vulnerability can allow an attacker to access confidential data...

ROS-20240408-11

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protect...

PT-2025-23665

Name of the Vulnerable Software and Affected Versions Python requests library affected versions not specified Description The issue concerns a netrc credential leak in the Python requests library. This library is a simple, yet elegant, HTTP library. It leaks .netrc credentials to third parties du...

The vulnerability of the Python Requests HTTP request library relates to insufficient protection of sensitive data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Python Requests HTTP request library is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Python Requests HTTP request library relates to the lack of a mechanism for storing registration data, allowing attackers to access confidential information.

The vulnerability of the Python Requests HTTP request library is related to the lack of a mechanism for storing registration data. Exploiting this vulnerability can allow an attacker to gain access to confidential data...

python-requests: Redirect from HTTPS to HTTP does not remove Authorization header

A credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected 302 from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker coul...

python-requests bug fix update

The python-requests package contains a library designed to make HTTP requests easy for developers. Bug fix: The fix CVE-2018-18074 leads to a regression BZ1758261...