Updated python-urllib3 packages fix security vulnerability

It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts CVE-2018-20060. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacke...

python security update

CentOS Errata and Security Advisory CESA-2019:2035 An update for python-requests is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

CentOS 7 : python-requests (CESA-2019:2035)

An update for python-requests is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Scientific Linux Security Update : python-requests on SL7.x x86_64 (20190806)

Security Fixes : - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-18074 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid128255; scriptversion"1.5";...

python-requests security update

2.6.0-5 - Fix CVE-2018-18074 Resolves: rhbz1647368...

RHEL 7 : python-requests (RHSA-2019:2035)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2035 advisory. The python-requests package contains a library designed to make HTTP requests easy for developers. Security Fixes: python-requests: Redirect from HTT...

python-requests: Redirect from HTTPS to HTTP does not remove Authorization header

A credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected 302 from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker coul...

Low: Red Hat Security Advisory: python-requests security update

An update for python-requests is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

SUSE-SU-2019:2047-1 Security update for python-requests

This update for python-requests to version 2.20.1 fixes the following issues: Security issue fixed: - CVE-2018-18074: Fixed an information disclosure vulnerability of the HTTP Authorization header bsc1111622...

SUSE-SU-2019:2027-1 Security update for python-requests

This update for python-requests fixes the following issues: - CVE-2018-18074: Fixed an issue which could ease attackers to discover credentials by sniffing the network bsc1111622...

openSUSE Security Update : python-requests (openSUSE-2019-1754)

This update for python-requests to version 2.20.1 fixes the following issues : Security issue fixed : - CVE-2018-18074: Fixed an information disclosure vulnerability of the HTTP Authorization header bsc1111622. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable...

OPENSUSE-SU-2019:1754-1 Security update for python-requests

This update for python-requests to version 2.20.1 fixes the following issues: Security issue fixed: - CVE-2018-18074: Fixed an information disclosure vulnerability of the HTTP Authorization header bsc1111622. This update was imported from the SUSE:SLE-15-SP1:Update update project...

Security update for python-requests (moderate)

openSUSE Security Update: Security update for python-requests Announcement ID: openSUSE-SU-2019:1754-1 Rating: moderate References: 1111622 Cross-References: CVE-2018-18074 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

Exploit for CVE-2018-9995

This is an exploit module for a DVR Digital Video Recorder vulnerability, specifically CVE-2018-9995. The exploit is designed to obtain exposed credentials from the DVR. The module is written in Python and uses the requests library to send HTTP requests to the DVR. The exploit targets a...

SUSE-SU-2019:1487-1 Security update for python-requests

This update for python-requests to version 2.20.1 fixes the following issues: Security issue fixed: - CVE-2018-18074: Fixed an information disclosure vulnerability of the HTTP Authorization header bsc1111622...

SUSE-SU-2019:1487-2 Security update for python-requests

This update for python-requests to version 2.20.1 fixes the following issues: Security issue fixed: - CVE-2018-18074: Fixed an information disclosure vulnerability of the HTTP Authorization header bsc1111622...

Fedora Update for python-requests FEDORA-2018-52262a02be

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Denial Of Service (DoS)

Red Hat Enterprise Linux OpenStack Platform provides the facilities for building a private or public infrastructure-as-a-service IaaS cloud running on commonly available physical hardware. Changes to the ceph component: In the previous version, launching of nova instances resulted in nova-compute...

Weak Encryption

Red Hat Enterprise Linux OpenStack Platform provides the facilities for building a private or public infrastructure-as-a-service IaaS cloud running on commonly available physical hardware. Changes to the ceph component: In the previous version, launching of nova instances resulted in nova-compute...

Denial Of Service (DoS)

Red Hat Enterprise Linux OpenStack Platform provides the facilities for building a private or public infrastructure-as-a-service IaaS cloud running on commonly available physical hardware. Changes to the ceph component: In the previous version, launching of nova instances resulted in nova-compute...