14 matches found
Mageia: Security Advisory (MGASA-2014-0409)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : python-requests (openSUSE-2016-98)
This update for python-requests fixes the following issue : - CVE-2014-1830: Proxy-Authorization header leak bnc897658 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-98. The tex...
Mandriva Linux Security Advisory : python-requests (MDVSA-2015:133)
Updated python-requests packages fix security vulnerabilities : Python-requests was found to have a vulnerability, where the attacker can retrieve the passwords from /.netrc file through redirect requests, if the user has their passwords stored in the /.netrc file CVE-2014-1829. It was discovered...
Debian DSA-3146-1 : requests - security update
Jakub Wilk discovered that in requests, an HTTP library for the Python language, authentication information was improperly handled when a redirect occured. This would allow remote servers to obtain two different types of sensitive information: proxy passwords from the Proxy-Authorization header...
[SECURITY] [DSA 3146-1] requests security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3146-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 30, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3146-1] requests security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3146-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 30, 2015 http://www.debian.org/security/faq -...
DSA-3146-1 requests - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3146-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-1830
Requests aka python-requests before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request...
CVE-2014-1830
CVE-2014-1830 affects python-requests (Requests). The issue arises when a redirect occurs: the Proxy-Authorization header is not re-evaluated for the new request, allowing a remote server to leak sensitive information. Public advisories (e.g., openSUSE-2016-98) note this CVE and indicate a securi...
Ubuntu 14.04 LTS : Requests vulnerabilities (USN-2382-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2382-1 advisory. Jakub Wilk discovered that Requests incorrectly reused authentication credentials after being redirected. An attacker could possibly use this issue to...
Ubuntu: Security Advisory (USN-2382-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2382-1: Requests vulnerabilities
Jakub Wilk discovered that Requests incorrectly reused authentication credentials after being redirected. An attacker could possibly use this issue to obtain authentication credentials intended for another site. CVE-2014-1829, CVE-2014-1830...
Updated python-requests packages fix security vulnerabilities
Updated python-requests packages fix security vulnerability: Python-requests was found to have a vulnerability, where the attacker can retrieve the passwords from /.netrc file through redirect requests, if the user has their passwords stored in the /.netrc file CVE-2014-1829. It was discovered th...