new packages: python-requests-file

An update is available for python-requests-file. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Roc...

GHSA-CFJ3-7X9C-4P3H Exposure of Sensitive Information to an Unauthorized Actor in Requests

Requests aka python-requests before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request...

GHSA-652X-XJ99-GMCC Exposure of Sensitive Information to an Unauthorized Actor in Requests

Requests aka python-requests before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request...

Exposure of Sensitive Information to an Unauthorized Actor in Requests

Requests aka python-requests before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request...

SUSE SLES15 Security Update : python-requests (SUSE-SU-2022:1448-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1448-1 advisory. - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-ht...

SUSE-SU-2022:1448-1 Security update for python-requests

This update for python-requests fixes the following issues: - CVE-2018-18074: Fixed sending an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect bsc1111622...

SUSE: Security Advisory (SUSE-SU-2022:1448-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Server-Side Request Forgery (SSRF)

Description The SSRF Protection is incomplete and can be bypassed via an HTTP redirect, the python-requests library will follow redirections by default can be disabled byallowredirects=False. An attacker can set up their HTTP server to respond with a 302 redirect to redirect the request to...

Mageia: Security Advisory (MGASA-2014-0409)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2013-0376)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2015-0120)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0475)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2013-0252)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LiteSpeed Cache < 4.4.4 - IP Check Bypass to Unauthenticated Stored XSS

The plugin does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the endpoint could be used to set CSS code if a setting is enabled, which will then ...

python39:3.9 and python39-devel:3.9 security update

modwsgi 4.7.1-4 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz1877430 4.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora33MassRebuild 4.7.1-2 - Rebuilt for Python 3.9 4.7.1-1 - update to 4.7.1 1721376 numpy 1.19.4-3 - Adjusted the postun scriptlets to enable...

Exploit for CVE-2018-9995

PoC exploit for CVE-2018-9995. This exploit targets a vulnerability in a DVR system, allowing for remote code execution. The exploit is written in Python and uses the requests library to send HTTP requests to the vulnerable system. The exploit first defines a function to get the system's response...

SUSE-SU-2021:2195-1 Security update for python-urllib3, python-requests

This update for python-urllib3 and python-requests fixes the following issues: Security fix: - Improve performance of sub-authority splitting in URL. bsc1187045, CVE-2021-33503 Non-security changes: - Update python-urllib3 to version 1.25.10 to stay compatible with changes needed in the Server an...

SUSE: Security Advisory (SUSE-SU-2019:1487-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

python38:3.8 security update

python38 3.8.6-3 - Security fix for CVE-2021-3177 Resolves: rhbz1919161 3.8.6-2 - Add support for upstream architecture names https://fedoraproject.org/wiki/Changes/PythonUpstreamArchitectureNames Resolves: rhbz1868006 3.8.6-1 - Update to 3.8.6 - Security fix for CVE-2020-26116 python-requests...