Security update for python-urllib3 (moderate)

openSUSE Security Update: Security update for python-urllib3 Announcement ID: openSUSE-SU-2019:2131-1 Rating: moderate References: 1119376 1129071 1132663 1132900 Cross-References: CVE-2018-20060 CVE-2019-11236 CVE-2019-11324 CVE-2019-9740 Affected Products: openSUSE Leap 15.0 An update that fixe...

Security update for python-urllib3 (moderate)

openSUSE Security Update: Security update for python-urllib3 Announcement ID: openSUSE-SU-2019:2133-1 Rating: moderate References: 1129071 1132663 1132900 Cross-References: CVE-2019-11236 CVE-2019-11324 CVE-2019-9740 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities...

SUSE-SU-2019:2370-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue bsc1129071. - CVE-2019-11324: Fixed invalid CA certificat verification bsc1132900. - CVE-2019-11236: Fixed CRLF injection via request parameter bsc1132663. - CVE-2018-2006...

SUSE-SU-2019:2332-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue bsc1129071. - CVE-2019-11324: Fixed invalid CA certificat verification bsc1132900. - CVE-2019-11236: Fixed CRLF injection via request parameter bsc1132663...

SUSE-SU-2019:2331-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue bsc1129071. - CVE-2019-11324: Fixed invalid CA certificat verification bsc1132900. - CVE-2019-11236: Fixed CRLF injection via request parameter bsc1132663. - CVE-2018-2006...

Updated python-urllib3 packages fix security vulnerability

It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts CVE-2018-20060. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacke...

MGASA-2019-0258 Updated python-urllib3 packages fix security vulnerability

It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts CVE-2018-20060. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacke...

MGASA-2019-0259 Updated python-urllib3 packages fix security vulnerability

It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection CVE-2019-11236...

SUSE-SU-2019:2300-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue bsc1129071. - CVE-2019-11324: Fixed invalid CA certificat verification bsc1132900. - CVE-2019-11236: Fixed CRLF injection via request parameter bsc1132663. - CVE-2018-2006...

python security update

CentOS Errata and Security Advisory CESA-2019:2272 An update for python-urllib3 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CentOS 7 : python-urllib3 (CESA-2019:2272)

An update for python-urllib3 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Scientific Linux Security Update : python-urllib3 on SL7.x x86_64 (20190806)

Security Fixes : - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 - python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-11236 C Tenable Network Securit...

python-urllib3 security update

1.10.2-7 - Provide python2-urllib3 - Add patch for CVE-2019-11236 Resolves: rhbz1703360 1.10.2-6 - Source URL switched to HTTPS protocol - Add patch for CVE-2018-20060 Resolves: rhbz1658471...

RHEL 7 : python-urllib3 (RHSA-2019:2272)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2272 advisory. The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3:...

python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter...

Moderate: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

USN-3990-2 python-urllib3 vulnerability

USN-3990-1 fixed a vulnerability in urllib3. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection...

USN-3990-2: urllib3 vulnerability

USN-3990-1 fixed a vulnerability in urllib3. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection...

Amazon Linux AMI : python-urllib3 (ALAS-2019-1236)

In the urllib3 library for Python, CRLF injection is possible if the attacker controls the request parameter. CVE-2019-11236 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2019-1236...

Medium: python-urllib3

Issue Overview: In the urllib3 library for Python, CRLF injection is possible if the attacker controls the request parameter. CVE-2019-11236 Affected Packages: python-urllib3 Issue Correction: Run yum update python-urllib3 or yum update --advisory ALAS-2019-1236 to update your system. New Package...