SUSE-SU-2024:1938-1 Security update for python-docker

This update for python-docker fixes the following issues: - CVE-2024-35195: Fix failure with updated python-requests. bsc1224788...

Fedora: Security Advisory (FEDORA-2024-efc4802051)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-7e4f058c2f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2024-0210)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0210 Updated python-requests packages fix security vulnerability

CVE-2024-35195: Fixed cert verification regardless of changes to the value of verify bsc1224788...

RHEL 6 : python-requests (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-18074 Note that Nessus h...

SUSE: Security Advisory (SUSE-SU-2024:1880-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-requests (SUSE-SU-2024:1880-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1880-1 advisory. - CVE-2024-35195: Fixed cert verification regardless of changes to the value of verify bsc1224788. Tenabl...

Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-3466)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3466 advisory. - Security fixes for CVE-2023-6597 and CVE-2024-0450 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE-SU-2024:1880-1 Security update for python-requests

This update for python-requests fixes the following issues: - CVE-2024-35195: Fixed cert verification regardless of changes to the value of verify bsc1224788...

SUSE-SU-2024:1857-1 Security update for python-requests

This update for python-requests fixes the following issues: - CVE-2024-35195: Fixed cert verification regardless of changes to the value of verify bsc1224788...

Fedora 40 : mingw-python-requests (2024-efc4802051)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-efc4802051 advisory. Update to requests-2.32.0, fixes CVE-2024-35195. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Fedora 39 : mingw-python-requests (2024-7e4f058c2f)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-7e4f058c2f advisory. Update to requests-2.32.0, fixes CVE-2024-35195. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

AZL-42127 CVE-2024-35195 affecting package python-requests for versions less than 2.31.0-2

Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verif...

AZL-42145 CVE-2024-35195 affecting package python-requests for versions less than 2.27.1-7

Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verif...

RHEL 7 : python-requests (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-requests: Unintended leak of Proxy-Authorization header CVE-2023-32681 Note that Nessus has not tested for...

RHEL 6 : python-requests (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-18074 - Reques...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:4693)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4693 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

NewStart CGSL CORE 5.04 / MAIN 5.04 : python-requests Multiple Vulnerabilities (NS-SA-2024-0014)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-requests packages installed that are affected by multiple vulnerabilities: - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-htt...

Security Bulletin: IBM QRadar App SDK for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that might be identified and exploited with automated tools. IBM has addressed the vulnerabilities. This product is only used by IBM QRadar SIEM app developers and external business partners and is not relevant for users...