50 matches found
TencentOS Server 3: python-urllib3 (TSSA-2022:0179)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0179 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2020-26137, CVE-2020-7212, CVE-2021-33503]
Summary The urllib3 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2020-26137, CVE-2020-7212, CVE-2021-33503. Vulnerability Details CVEID:CVE-2020-26137 DESCRIPTION: urllib3 is vulnerable to CRLF injection. By inserting...
Security Bulletin: Vulnerability in urllib3 affects IBM Integrated Analytics System [CVE-2023-43804, CVE-2021-33503].
Summary The urllib3 package is used by IBM Integrated Anayltics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-43804, CVE-2021-33503. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive...
RHEL 7 / 8 : Red Hat Automation Platform 1.2.5 (RHSA-2021:3473)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3473 advisory. Red Hat Ansible Automation Platform integrates Red Hats automation suite consisting of Red Hat Ansible Tower, Red Hat Ansible Engine, and use-cas...
Security Bulletin: Vulnerability in Python-urllib3 affects IBM Cloud Pak for Data System 2.0 (CPDS2.0)
Summary Python-urllib3 is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEsCVE-2020-26137,CVE-2020-7212, CVE-2021-33503. Vulnerability Details CVEID:CVE-2020-26137 DESCRIPTION: urllib3 is vulnerable to CRLF injection. By inserting CR an...
Security Bulletin: IBM Spectrum Symphony with urllib3 could allow a remote attacker to obtain sensitive information
Summary IBM Spectrum Symphony with urllib3 could allow a remote attacker to obtain sensitive information Vulnerability Details CVEID:CVE-2018-25091 DESCRIPTION: urllib3 could allow a remote attacker to obtain sensitive information, caused by not removing the authorization HTTP header when followi...
K23456112: Python urllib3 vulnerability CVE-2021-33503
Security Advisory Description An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or...
Ubuntu: Security Advisory (USN-5812-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS : urllib3 vulnerability (USN-5812-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5812-1 advisory. It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2023-1152)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2023-1173)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : python-pip (EulerOS-SA-2023-1152)
According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, whic...
EulerOS Virtualization 2.10.0 : python-pip (EulerOS-SA-2023-1173)
According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, whic...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2022-2828)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2022-2854)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2022-2854)
According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a...
EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2022-2828)
According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a...
CVE-2021-33503 affecting package python-urllib3 for versions less than 1.25.9-3
CVE-2021-33503 affecting package python-urllib3 for versions less than 1.25.9-3. A patched version of the package is available...
Security Bulletin: urllib upgrade CVE-2021-33503, CVE-2021-28363
Summary The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy if an SSLContext isn't given via proxyconfig doesn't verify the hostname of the certificate. This means certificat...
Mageia: Security Advisory (MGASA-2021-0371)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...