CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2024/03/04 12:0 a.m.•16 views

openSUSE: Security Advisory for python (SUSE-SU-2023:2866-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS7.2AI score0.06086EPSS

IBM Security Bulletins•added 2024/02/28 6:57 p.m.•21 views

Security Bulletin: requests-2.28.2-py3-none-any.whl (Publicly disclosed vulnerability found by Mend)

Summary Security Bulletin: requests-2.28.2-py3-none-any.whl Publicly disclosed vulnerability found by Mend - This has been fixed in MAS 8.11 in APM-PM-LIB Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information, caused ...

6.1CVSS6.4AI score0.06086EPSS

OpenVAS•added 2024/02/28 12:0 a.m.•18 views

SUSE: Security Advisory (SUSE-SU-2023:2638-1)

6.1CVSS7.2AI score0.06086EPSS

Exploits1References4

IBM Security Bulletins•added 2024/02/20 7:43 p.m.•16 views

Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to Python-requests Proxy-Authorization header leak ( CVE-2023-32681)

Summary Python-requests is used by IBM Cloud Pak for Data Scheduling as part of the Ansible operator for Scheduler installation. This vulnerability is addressed Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information,...

6.1CVSS6.3AI score0.06086EPSS

IBM Security Bulletins•added 2024/02/16 6:40 p.m.•22 views

Security Bulletin: IBM Workload Automation affected by multiple vulnerabilities in RHEL (CVE-2023-32681, CVE-2022-48468)

Summary IBM Workload Automation container solution is affectedby multiple vulnerabilities found in RHEL. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of Proxy-Authorization headers to...

Tenable Nessus•added 2024/02/08 12:0 a.m.•32 views

CentOS 8 : python-requests (CESA-2023:4520)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:4520 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS...

IBM Security Bulletins•added 2024/01/26 9:53 p.m.•27 views

Security Bulletin: IBM Storage Ceph is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in the RHEL UBI (CVE-2023-32681)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-32681 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain...

6.1CVSS6.3AI score0.06086EPSS

RedHat Linux•added 2024/01/18 4:31 p.m.•36 views

Moderate: Red Hat Security Advisory: python-requests security update

An update for python-requests is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.1CVSS6.8AI score0.06086EPSS

RedHat Linux•added 2024/01/18 4:31 p.m.•0 views

python-requests: Unintended leak of Proxy-Authorization header

A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the Proxy-Authorization...

6.1CVSS6.6AI score0.06086EPSS

Exploits1References5

Tenable Nessus•added 2024/01/16 12:0 a.m.•30 views

EulerOS Virtualization 2.11.1 : python-requests (EulerOS-SA-2023-2741)

According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination...

Tenable Nessus•added 2024/01/16 12:0 a.m.•29 views

EulerOS Virtualization 3.0.6.0 : python-requests (EulerOS-SA-2023-3451)

According to the versions of the python-requests packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination...

Tenable Nessus•added 2024/01/16 12:0 a.m.•17 views

EulerOS 2.0 SP11 : python-requests (EulerOS-SA-2023-2665)

According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when...

Tenable Nessus•added 2024/01/16 12:0 a.m.•24 views

EulerOS 2.0 SP8 : python-requests (EulerOS-SA-2023-3152)

According to the versions of the python-requests packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when...

Tenable Nessus•added 2024/01/16 12:0 a.m.•21 views

EulerOS Virtualization 2.10.1 : python-requests (EulerOS-SA-2023-2927)

Tenable Nessus•added 2024/01/16 12:0 a.m.•24 views

EulerOS 2.0 SP11 : python-requests (EulerOS-SA-2023-2707)