Lucene search
K

99 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : python-pip-9.0.3-16.el8 (AXSA:2020-285:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-285:03 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python-urllib3: CRLF injection...

9.8CVSS7.8AI score0.07443EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: python-urllib3 (TSSA-2022:0218)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0218 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

6.1CVSS7.4AI score0.02056EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2019-11236

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. CVE-2019-11236 Note that Nessus...

6.1CVSS7AI score0.02056EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/02 4:8 p.m.25 views

Security Bulletin: Mutiple vulnerabilites in Python affect IBM Robotic Process Automation

Summary Mutiple vulnerabilites in Python affect IBM Robotic Process Automation. Python is used by IBM Robotic Process Automation as part of Watson NLP. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details CVEID:CVE-2019-11236 DESCRIPTION: Python urllib...

6.5CVSS6.7AI score0.02056EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 12:43 p.m.32 views

Security Bulletin: A vulnerability in urllib3 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the urllib3 package has been addressed. Vulnerability Details CVEID:CVE-2019-11236 DESCRIPTION: Python urllib3 is vulnerable to CRLF injection, caused by improper validation of user-supplied input by the request parameter. By sending a specially-crafted HTTP response...

6.1CVSS6.8AI score0.02056EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.27 views

RHEL 6 : python-urllib3 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure...

9.8CVSS9AI score0.04488EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/29 8:35 p.m.31 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to CRLF injection in Python urllib3 [CVE-2019-11236]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to CRLF injection in Python urllib3, caused by improper validation of user-supplied input by the request parameter. CVE-2019-11236. Python urllib3 is included as a component of our Speech runtimes. This...

6.1CVSS6.9AI score0.02056EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/28 3:27 p.m.46 views

Security Bulletin: IBM Spectrum Symphony with urllib3 could allow a remote attacker to obtain sensitive information

Summary IBM Spectrum Symphony with urllib3 could allow a remote attacker to obtain sensitive information Vulnerability Details CVEID:CVE-2018-25091 DESCRIPTION: urllib3 could allow a remote attacker to obtain sensitive information, caused by not removing the authorization HTTP header when followi...

8.1CVSS7.7AI score0.03273EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2023/10/09 12:0 a.m.28 views

Debian: Security Advisory (DLA-3610-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.8AI score0.02836EPSS
Exploits1References4
Debian
Debian
added 2023/10/08 11:6 a.m.187 views

[SECURITY] [DLA 3610-1] python-urllib3 security update

Debian LTS Advisory DLA-3610-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin October 08, 2023 https://wiki.debian.org/LTS Package : python-urllib3 Version : 1.24.1-1+deb10u1 CVE ID : CVE-2019-11236 CVE-2019-11324 CVE-2020-26137 CVE-2023-43804 Debian Bug : 927172...

9.8CVSS6.7AI score0.0642EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/10/08 12:0 a.m.33 views

Debian dla-3610 : python-urllib3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3610 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3610-1 [email protected]...

9.8CVSS7.2AI score0.0642EPSS
Exploits3References16
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.39 views

Oracle Linux 8 : python-pip (ELSA-2020-1916)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1916 advisory. 9.0.3-16 - Add four new patches for CVEs in bundled urllib3 and requests CVE-2018-20060, CVE-2019-11236, CVE-2019-11324, CVE-2018-18074 Resolves:...

9.8CVSS7.2AI score0.07443EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.29 views

Oracle Linux 7 : python-urllib3 (ELSA-2019-2272)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-2272 advisory. - Add patch for CVE-2019-11236 Resolves: rhbz1703360 Tenable has extracted the preceding description block directly from the Oracle Linux security...

9.8CVSS7.1AI score0.04488EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.37 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to CRLF injection in Python (CVE-2019-11236).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to CRLF injection in Python urllib3, caused by improper validation of user-supplied input by the request parameter CVE-2019-11236. A remote attacker could exploit this vulnerability to conduct various attacks...

6.1CVSS6.9AI score0.02056EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.53 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.16.1.3)

The version of AOS installed on the remote host is prior to 5.16.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.16.1.3 advisory. - When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat...

9.8CVSS8.4AI score0.9927EPSS
Exploits64References21
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-3990-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS8.2AI score0.02056EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2022/05/13 1:9 a.m.5 views

abeja-sdk (>=0.2.0rc1 <=1.1.0rc1), abejacli (>=1.0.2 <=1.0.2rc1) +857 more potentially affected by CVE-2019-11236 via urllib3 (>=1.10.2 <=1.24.2)

urllib3 PYPI version =1.10.2, =0.2.0rc1, =1.0.2, =0.18.0.3, =0.5.0, =0.70.0, =2.0.1, =0.0.1, =0.5.0, =1.1.0rc6, =0.8.0, =0.10.1 and more Source cves: CVE-2019-11236 Source advisory: OSV:GHSA-R64Q-W8JR-G9QP...

6.1CVSS6.8AI score0.02056EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2019-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.04488EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/09/27 12:0 a.m.44 views

Photon OS 2.0: Python PHSA-2021-2.0-0393

An update of the python package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-2.0-0393. The text itself is copyright C VMware, Inc...

9.8CVSS7.8AI score0.04488EPSS
Exploits1References6
CBLMariner
CBLMariner
added 2021/08/11 6:39 a.m.20 views

CVE-2019-11236 affecting package python-urllib3 1.24.2-2

CVE-2019-11236 affecting package python-urllib3 1.24.2-2. An upgraded version of the package is available that resolves this issue...

6.1CVSS9.8AI score0.02056EPSS
Exploits1
Rows per page
Query Builder