264 matches found
EUVD-2025-15741
Malicious code in bioql PyPI...
EUVD-2022-0341
Malicious code in bioql PyPI...
EUVD-2024-1565
Malicious code in bioql PyPI...
requests: Requests vulnerable to .netrc credentials leak via malicious URLs
A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue...
Insufficient sanitization of Host header in net/http
...
Linux Distros Unpatched Vulnerability : CVE-2023-29197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a...
MAL-2025-22760 Malicious code in http (npm)
The package http was found to contain malicious code...
Security Bulletin: Multiple vulnerabilities in IBM Business Automation Workflow Machine Learning Server are addressed with 24.0.0-IF006
Summary: In addition to updates to operating system level packages, IBM Business Automation Workflow Machine Learning Server 24.0.0-IF006 addresses the following vulnerabilities. Vulnerability Details: CVEID: CVE-2024-47081 DESCRIPTION: Requests is a HTTP library. Due to a URL parsing issue, Request...
Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2025-1097)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1097 advisory. Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgra...
OESA-2025-1840 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to set up. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross-platform HTTP/HTTPS library. Prior to 0.23.0, incoming requests using transfer code:...
CBL Mariner 2.0 Security Update: python-requests (CVE-2024-47081)
The version of python-requests installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47081 advisory. - Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak...
Azure Linux 3.0 Security Update: python-requests (CVE-2024-47081)
The version of python-requests installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47081 advisory. - Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak...
Amazon Linux 2 : python-pip (ALAS-2025-2928)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2928 advisory. Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to versio...
CVE-2025-52887
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected...
Julia URIs.jl injection vulnerability
Julia URIs.jl is a Julia open source library for Julia. An injection vulnerability exists in Julia URIs.jl versions prior to 1.6.0 and HTTP.jl versions prior to 1.10.17, which stems from allowing the construction of URIs containing CRLF characters, potentially leading to a CRLF injection attack...
TencentOS Server 3: python-requests (TSSA-2023:0244)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0244 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2024-47081
A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Re...
[SECURITY] Fedora 41 Update: mingw-libsoup-2.74.3-12.fc41
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...
[SECURITY] Fedora 42 Update: mingw-libsoup-2.74.3-12.fc42
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...
OESA-2025-1611 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to set up. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size...