CVE-2024-37891 affecting package python-urllib3 for versions less than 1.26.19-1

CVE-2024-37891 affecting package python-urllib3 for versions less than 1.26.19-1. An upgraded version of the package is available that resolves this issue...

openSUSE Security Advisory (SUSE-SU-2024:2320-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-urllib3 (SUSE-SU-2024:2320-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2320-1 advisory. - CVE-2024-37891: Fixed proxy-authorization request header not stripped during cross-origin redirects...

SUSE-SU-2024:2320-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: - CVE-2024-37891: Fixed proxy-authorization request header not stripped during cross-origin redirects bsc1226469...

CentOS 9 : python-urllib3-1.26.5-6.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the python- urllib3-1.26.5-6.el9 build changelog. - urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

[SECURITY] Fedora 40 Update: python-urllib3-1.26.19-1.fc40

urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: =E2=80=A2 Thread safety. =E2=80=A2 Connection pooling. =E2=80=A2 Client-side SSL/TLS verification. =E2=80=A2 File uploads with multipart encoding...

Fedora 40 : python-urllib3 (2024-af07c0bb8c)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-af07c0bb8c advisory. Update to 1.26.19 to fix CVE-2024-37891 rhbz2292790 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

Fedora 39 : mingw-python-urllib3 (2024-73f181db2a)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-73f181db2a advisory. Update to 1.26.19, fixes CVE-2024-0444. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

Security Bulletin: A vulnerability in urllib3 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the urllib3 package has been addressed. Vulnerability Details CVEID:CVE-2019-11236 DESCRIPTION: Python urllib3 is vulnerable to CRLF injection, caused by improper validation of user-supplied input by the request parameter. By sending a specially-crafted HTTP response...

AZL-42703 CVE-2024-37891 affecting package python-urllib3 for versions less than 1.26.19-1

urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidental...

OPENSUSE-SU-2024:13213-1 python310-urllib3_1-1.26.16-2.1 on GA media

These are all security issues fixed in the python310-urllib31-1.26.16-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12944-1 python310-urllib3_1-1.26.15-1.1 on GA media

These are all security issues fixed in the python310-urllib31-1.26.15-1.1 package on the GA media of openSUSE Tumbleweed...

python39:3.9 and python39-devel:3.9 security update

An update is available for python-pluggy, module.python-iniconfig, module.python-psycopg2, module.python-more-itertools, module.python3x-pip, module.python3x-setuptools, python-requests, python-psutil, numpy, module.python-ply, module.python-psutil, module.python-pycparser, module.python-cffi,...

RLSA-2024:2985 Moderate: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

python-urllib3 bug fix and enhancement update

An update is available for python-urllib3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

Rocky Linux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2024:2985)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2985 advisory. pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 python-cryptography: memory corruption via immutable objec...

Rocky Linux 8 : python3.11-urllib3 (RLSA-2024:2986)

The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:2986 advisory. python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 Tenable has extracted the preceding description block directly...

RHEL 6 : python-urllib3 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure...

Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-3466)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3466 advisory. - Security fixes for CVE-2023-6597 and CVE-2024-0450 Tenable has extracted the preceding description block directly from the Oracle Linux security...

RHEL 8 : python39:3.9 and python39-devel:3.9 (RHSA-2024:2985)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2985 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...