Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Python Requests

POC for CVE-2023-32681 This is a Python 3 implementation of C...

Amazon Linux 2 : python-requests (ALAS-2023-2110)

The version of python-requests installed on the remote host is prior to 2.6.0-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2110 advisory. A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy- Authorization header...

The vulnerability of the Python Requests HTTP request library relates to insufficient protection of sensitive data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Python Requests HTTP request library is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-requests (SUSE-SU-2023:2866-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2866-1 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers...

Medium: python3-requests

Issue Overview: A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the...

Medium: python-requests

Issue Overview: A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the...

SUSE SLES12 Security Update : python-requests (SUSE-SU-2023:2865-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2865-1 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when...

Medium: python-requests

Issue Overview: A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the...

SUSE-SU-2023:2866-1 Security update for python-requests

This update for python-requests fixes the following issues: - CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header bsc1211674...

SUSE-SU-2023:2865-1 Security update for python-requests

This update for python-requests fixes the following issues: - CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header bsc1211674...

Security Bulletin: A Vulnerability in python-requests affects IBM InfoSphere Information Server (CVE-2023-32681)

Summary Python-requests is used by IBM InfoSphere Information Server. An information disclosure vulnerability in python-requests was addressed. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information, caused by the...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets (SUSE-SU-2023:2783-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-1 advisory. - aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data...

Security Bulletin: Multiple security vulnerabilities affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

Summary Multiple security vulnerabilities impacting Watson Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-0842 DESCRIPTION: xml2js could allow a remote attacker to execute arbitrary code on the system, caused by a...

CBL Mariner 2.0 Security Update: python-requests (CVE-2023-32681)

The version of python-requests installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32681 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization...

Mageia: Security Advisory (MGASA-2023-0210)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality due to [CVE-2023-32681]

Summary Python module Requests is used by IBM App Connect Enterprise Certified Container for making HTTPS calls in mapping assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality. This bulletin...

MGASA-2023-0210 Updated python-requests packages fix security vulnerability

Forwarding proxy credentials to the destination server unintentionally CVE-2023-32681...

CVE-2023-32681 affecting package python-requests 2.22.0-2

CVE-2023-32681 affecting package python-requests 2.22.0-2. A patched version of the package is available...

CVE-2023-32681 affecting package python-requests for versions less than 2.27.1-6

CVE-2023-32681 affecting package python-requests for versions less than 2.27.1-6. A patched version of the package is available...

SUSE-SU-2023:2638-1 Security update for python-requests

This update for python-requests fixes the following issues: - CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header bsc1211674...