OPENSUSE-SU-2026:20384-1 Security update for libsoup

This update for libsoup fixes the following issues: Update to libsoup 3.6.6: - CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion bsc1252555. - CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy bsc1254876. - CVE-2025-32049:...

RLSA-2023:7050 Moderate: python38:3.8 and python38-devel:3.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2023-7325:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7325:03 advisory. python: tarfile module directory traversal CVE-2007-4559 python-requests: Unintended leak of Proxy-Authorization header CVE-2023-32681 Tenable has...

MiracleLinux 8 : python-requests-2.20.0-3.el8 (AXSA:2023-6324:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6324:02 advisory. python-requests: Unintended leak of Proxy-Authorization header CVE-2023-32681 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python38:3.8 and python38-devel:3.8 (AXSA:2023-7324:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7324:01 advisory. python: tarfile module directory traversal CVE-2007-4559 python-requests: Unintended leak of Proxy-Authorization header CVE-2023-32681 Tenable has...

EulerOS Virtualization 2.13.0 : python-pip (EulerOS-SA-2025-2616)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : pip vulnerabilities (USN-7762-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7762-1 advisory. Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2025-2039)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2025-4673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Note that Nessus...

Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to python - requests

Summary IBM Sterling Connect:Direct Web Service uses python - requests , python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of Proxy-Authorization headers to destination servers during redirects to an HTTPS origin. Vulnerability Details...

USN-6155-2 requests vulnerability

USN-6155-1 fixed a vulnerability in Requests. This update provides the corresponding update for Ubuntu 16.04 ESM and 18.04 ESM. Original advisory details: Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly us...

PT-2023-3599

Name of the Vulnerable Software and Affected Versions Requests versions 2.3.0 through 2.30.0 Description The issue is related to the leaking of Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This occurs due to how the rebuild proxies function is used to...