15 matches found
EUVD-2026-22239
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to sslverify in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, whic...
CVE-2026-31923 Apache APISIX: Openid-connect `tls_verify` field is disabled by default
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to sslverify in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, whic...
PT-2026-32602
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to ssl verify in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, whi...
EulerOS 2.0 SP13 : python-requests (EulerOS-SA-2026-1294)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=Fal...
EulerOS 2.0 SP13 : python-requests (EulerOS-SA-2026-1258)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=Fal...
EUVD-2024-54991
Malicious code in bioql PyPI...
Improper Certificate Validation
Overview devsecops-engine-tools is a Tool for DevSecOps strategy Affected versions of this package are vulnerable to Improper Certificate Validation via the getaccesstokenclientcredentials function, which uses the requests.request function with verify=False configured. Remediation Upgrade...
Medium: python-requests
Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
Medium: python3.12-pip
Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
requests: subsequent requests to the same host ignore cert verification
An incorrect control flow implementation vulnerability was found in Requests. If the first request in a session is made with verify=False, all subsequent requests to the same host will continue to ignore cert verification...
Requests `Session` object does not verify requests after making first request with verify=False
...
UBUNTU-CVE-2024-35195
Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verif...