14 matches found
Mageia: Security Advisory (MGASA-2014-0409)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : python-requests (MDVSA-2015:133)
Updated python-requests packages fix security vulnerabilities : Python-requests was found to have a vulnerability, where the attacker can retrieve the passwords from /.netrc file through redirect requests, if the user has their passwords stored in the /.netrc file CVE-2014-1829. It was discovered...
Debian DSA-3146-1 : requests - security update
Jakub Wilk discovered that in requests, an HTTP library for the Python language, authentication information was improperly handled when a redirect occured. This would allow remote servers to obtain two different types of sensitive information: proxy passwords from the Proxy-Authorization header...
[SECURITY] [DSA 3146-1] requests security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3146-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 30, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3146-1] requests security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3146-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 30, 2015 http://www.debian.org/security/faq -...
DSA-3146-1 requests - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3146-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-1829
Requests aka python-requests before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request...
CVE-2014-1829
The CVE-2014-1829 entry describes a vulnerability in Requests (python-requests) prior to version 2.3.0, where a redirected request could reveal a netrc password by reading the Authorization header. The core issue is exposure of credentials through netrc data via headers during redirects. Affected...
Ubuntu: Security Advisory (USN-2382-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Requests vulnerabilities (USN-2382-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2382-1 advisory. Jakub Wilk discovered that Requests incorrectly reused authentication credentials after being redirected. An attacker could possibly use this issue to...
USN-2382-1: Requests vulnerabilities
Jakub Wilk discovered that Requests incorrectly reused authentication credentials after being redirected. An attacker could possibly use this issue to obtain authentication credentials intended for another site. CVE-2014-1829, CVE-2014-1830...
Updated python-requests packages fix security vulnerabilities
Updated python-requests packages fix security vulnerability: Python-requests was found to have a vulnerability, where the attacker can retrieve the passwords from /.netrc file through redirect requests, if the user has their passwords stored in the /.netrc file CVE-2014-1829. It was discovered th...
CVE-2014-1829
Requests aka python-requests before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request...