CVE-2022-0430 Exposure of Sensitive Information to an Unauthorized Actor in httpie/httpie

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0...

CVE-2022-0430

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0...

HTTPie 安全漏洞

HTTPie is a command line HTTP client. A security vulnerability exists in HTTPie before 3.1.0, which allows unauthorized participants to access sensitive information...

Information Disclosure

httpie is vulnerable to information disclosure. The vulnerability exists when handling cookies because all cookies were shared across all hosts during the runtime including redirects to the 3rd party hosts which allows a malicious attacker to gain access to sensitive information...

Exposure of Sensitive Information to an Unauthorized Actor in httpie

Impact HTTPie have the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. As an example, we can make an authenticated request and save it to a named session called api:...

dalineunit (>=0.0.31 <=0.0.69), encapsia-cli (>=0.1.8 <=0.5.1) +5 more potentially affected by CVE-2022-24737 via httpie (>=1.0.3 <=2.6.0)

httpie PYPI version =1.0.3, =0.0.31, =0.1.8, =0.0.14, =1.0.0, =1.3.21, =1.9.24 - veracode-api-signing =21.3.0 Source cves: CVE-2022-24737 Source advisory: OSV:GHSA-9W4W-CPC8-H2FQ...

GHSA-9W4W-CPC8-H2FQ Exposure of Sensitive Information to an Unauthorized Actor in httpie

Impact HTTPie have the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. As an example, we can make an authenticated request and save it to a named session called api:...

DEBIAN-CVE-2022-24737

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and host...

CVE-2022-24737

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and host...

UBUNTU-CVE-2022-24737

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and host...

CVE-2022-24737

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and host...

CVE-2022-24737

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and host...

Hardcoded credentials

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and host...

PYSEC-2022-34

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and...

dalineunit (>=0.0.31 <=0.0.69), encapsia-cli (>=0.1.8 <=0.5.1) +5 more potentially affected by CVE-2022-24737 via httpie (>=1.0.3 <=2.6.0)

httpie PYPI version =1.0.3, =0.0.31, =0.1.8, =0.0.14, =1.0.0, =1.3.21, =1.9.24 - veracode-api-signing =21.3.0 Source cves: CVE-2022-24737 Source advisory: OSV:PYSEC-2022-34...

PYSEC-2022-34

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and...

CVE-2022-24737 Exposure of Sensitive Information to an Unauthorized Actor in httpie

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and host...

CVE-2022-24737 Exposure of Sensitive Information to an Unauthorized Actor in httpie

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and host...

CVE-2022-24737 Exposure of Sensitive Information to an Unauthorized Actor in httpie

HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help users to persistently store some of the state that belongs to the outgoing requests and incoming responses on the disk for further usage. Before 3.1.0, HTTPie didn‘t distinguish between cookies and host...

CVE-2022-24737

CVE-2022-24737 affects the HTTPie command-line HTTP client. Before 3.1.0, HTTPie did not distinguish between cookies and the hosts they belonged to, which could lead to exposure of some cookies when redirects occur from the actual host to a third-party site. Public advisories and vendor notes con...