787 matches found
Moderate: Red Hat Security Advisory: python3.11-urllib3 security update
An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...
Moderate: python3.11-urllib3 security update
The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 For more details about the security issues, including the impact, a...
Mageia: Security Advisory (MGASA-2024-0347)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the HTTP library for Python Urllib3, related to the use of open redirection, allows attackers to access sensitive data and compromise its integrity.
The vulnerability of the HTTP library for Python Urllib3 is related to the use of open redirection. Exploiting this vulnerability can allow a malicious actor to gain access to sensitive data and compromise its integrity...
Medium: python-urllib3
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...
Ubuntu: Security Advisory (USN-7084-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7084-1 python-urllib3 vulnerability
It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information...
Advisory ROSA-SA-2024-2511
Software: python-urllib3 1.10.2 OS: rosa-server79 packageevrstring: python-urllib3-1.10.2-7.0.1.res7 CVE-ID: CVE-2024-37891 BDU-ID: None CVE-Crit: LOW CVE-DESC.: When using urllib3 proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy as expected...
Advisory ROSA-SA-2024-2510
Software: python-urllib3 1.10.2 OS: rosa-server79 packageevrstring: python-urllib3-1.10.2-7.0.1.res7 CVE-ID: CVE-2024-37891 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: When using urllib3 proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy as expected...
CLSA-2024-1730142536 python-urllib3: Fix of CVE-2024-37891
CVE-2024-37891: strip Proxy-Authorization header on redirects...
Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2779)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2761)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.12.0 : python-urllib3 (EulerOS-SA-2024-2779)
According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...
Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-8359)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8359 advisory. modwsgi numpy python39 3.9.20-1 - Update to 3.9.20 Resolves: RHEL-60007 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet...
Amazon Linux 2 : python-urllib3 (ALAS-2024-2653)
The version of python-urllib3 installed on the remote host is prior to 1.25.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2653 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...
Medium: python-urllib3
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...
Medium: python3.11-pip
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...
RHEL 8 : python3.11-urllib3 (RHSA-2024:8035)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:8035 advisory. The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3:...
Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2541)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...