Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2025/01/03 12:0 a.m.16 views

Oracle Linux 8 : python-requests (ELSA-2025-0012)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-0012 advisory. - Security fix for CVE-2024-35195 Resolves: RHEL-37605 - Security fix for CVE-2023-32681 Resolves: rhbz2209469 - Update to v2.20.0 for CVE-2018-18074. - Remove...

7.5CVSS7AI score0.07443EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2024/09/10 12:0 a.m.22 views

NewStart CGSL MAIN 6.02 : python-requests Vulnerability (NS-SA-2024-0058)

The remote NewStart CGSL host, running version MAIN 6.02, has python-requests packages installed that are affected by a vulnerability: - A flaw was found in the way python-requests set the domain cookie parameter for certain HTTP responses. A remote attacker could use this flaw to modify a cookie...

6.8CVSS7.4AI score0.03408EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2015-0180)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.07987EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2016:0114-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.8AI score0.03408EPSS
Exploits0References7
OSV
OSV
added 2015/11/30 11:7 a.m.8 views

SUSE-SU-2015:2156-1 Security update for python-requests

python-requests was updated to fix one security issue. This security issue was fixed: - CVE-2015-2296: The resolveredirects function in sessions.py allowed remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. bsc922448 This non-security issue was...

6.8CVSS6.3AI score0.03408EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/06/19 12:0 a.m.31 views

Fedora Update for python-requests FEDORA-2015-9664

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6AI score0.03408EPSS
Exploits0References2
Mageia
Mageia
added 2015/05/03 12:19 a.m.48 views

Updated python-pip packages fix security vulnerabilities

Updated python-pip and python-virtualenv packages fix security vulnerability: The mirroring support in python-pip was implemented without any sort of authenticity checks and is downloaded over plaintext HTTP. Further more by default it will dynamically discover the list of available mirrors by...

5.9CVSS5.8AI score0.07987EPSS
Exploits1References4
Amazon
Amazon
added 2015/04/17 12:0 a.m.35 views

Medium: python-botocore

Issue Overview: A flaw was found in the way python-requests set the domain cookie parameter for certain HTTP responses. A remote attacker could use this flaw to modify a cookie to be sent to an arbitrary URL. Affected Packages: python-botocore Issue Correction: Run yum update python-botocore or y...

6.8CVSS7.7AI score0.03408EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.30 views

Fedora 21 : python-requests-2.5.3-2.fc21 / python-urllib3-1.10.2-1.fc21 (2015-4084)

Backport of patch to not ascribe cookies to the target domain. - https://github.com/kennethreitz/requests/commit/3bd8afbf f29e50b38f889b2f688785a669b9aafc - http://www.openwall.com/lists/oss-security/2015/03/14/4 Note that Tenable Network Security has extracted the preceding description block...

6.8CVSS7.2AI score0.03408EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.41 views

Mandriva Linux Security Advisory : python-requests (MDVSA-2015:133)

Updated python-requests packages fix security vulnerabilities : Python-requests was found to have a vulnerability, where the attacker can retrieve the passwords from /.netrc file through redirect requests, if the user has their passwords stored in the /.netrc file CVE-2014-1829. It was discovered...

6.8CVSS7.2AI score0.03408EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/03/30 12:0 a.m.26 views

Fedora Update for python-requests FEDORA-2015-4084

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6AI score0.03408EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/03/30 12:0 a.m.27 views

Fedora Update for python-urllib3 FEDORA-2015-4084

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6AI score0.03408EPSS
Exploits0References2
Mageia
Mageia
added 2015/03/27 9:12 p.m.43 views

Updated python-requests packages fix security vulnerability

In python-requests before 2.6.0, a cookie without a host value set would use the hostname for the redirected URL exposing requests users to session fixation attacks and potentially cookie stealing CVE-2015-2296...

6.8CVSS5.9AI score0.03408EPSS
Exploits0References3
OSV
OSV
added 2015/03/18 4:59 p.m.6 views

CVE-2015-2296

The resolveredirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect...

6.3AI score
Exploits0References8
CVE
CVE
added 2015/03/18 4:0 p.m.182 views

CVE-2015-2296

CVE-2015-2296 affects the Python requests project: the resolve_redirects implementation in sessions.py in versions 2.1.0 through 2.5.3 allows a remote attacker to perform session fixation via a redirect that carries a cookie without a host value. The connected data confirms the vulnerability in r...

6.8CVSS5.7AI score0.03408EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2015/03/18 12:0 a.m.100 views

[USN-2531-1] Requests vulnerability

========================================================================== Ubuntu Security Notice USN-2531-1 March 16, 2015 requests vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.8CVSS6.7AI score0.03408EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/03/16 12:0 a.m.21 views

CVE-2015-2296

The resolveredirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect...

6.8CVSS6.9AI score0.03408EPSS
Exploits0References4
Rows per page
Query Builder