Lucene search
K

534 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:28 p.m.8 views

CVE-2021-3116

beforeupstreamconnection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion and versus or...

7.5CVSS6.8AI score0.01673EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.6 views

Alibaba Cloud Linux 3 : 0097: python-requests (ALINUX3-SA-2023:0097)

The remote Alibaba Cloud Linux 3 host has a package installed that is affected by a vulnerability as referenced in the ALINUX3-SA-2023:0097 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-32681: Requests is a HTTP library. Since...

6.1CVSS7.1AI score0.02782EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0179: resource-agents (ALINUX3-SA-2024:0179)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0179 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-37891: urllib3 is a user-friendly...

8.8CVSS7.8AI score0.01939EPSS
Exploits1References3
OSV
OSV
added 2025/05/07 7:11 p.m.8 views

RLSA-2024:5309 Moderate: python-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 For more details about the security issues, including the impact, a...

4.4CVSS6.6AI score0.01141EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/03 7:22 a.m.10 views

Security Bulletin: Vulnerability in requests affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-32681]

Summary The requests package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-32681. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking...

6.1CVSS6.4AI score0.02782EPSS
Exploits1Affected Software1
Snyk
Snyk
added 2025/04/14 11:40 p.m.3 views

Information Exposure

Overview agpt is an An open-source attempt to make GPT-4 autonomous Affected versions of this package are vulnerable to Information Exposure through the request.py wrapper. An attacker can intercept and misuse sensitive information by exploiting the improper handling of HTTP headers and cookies...

9.2CVSS6.6AI score0.00388EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/03/17 8:16 p.m.9 views

python3.12-urllib3 security update

An update is available for python3.12-urllib3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list urllib3 is a powerful, user-friendly HTTP client for Python. urlli...

6.5CVSS7.2AI score0.01141EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 2:10 p.m.25 views

Security Bulletin: Netcool Operations Insights 1.6.14 addresses multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.14 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: Requests is a HTTP library. Since Requests 2.3.0,...

8.2CVSS9.7AI score0.91969EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-32681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS...

6.1CVSS6.9AI score0.02782EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-37891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to...

6.5CVSS6.6AI score0.01141EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2013-2503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for...

5.8CVSS7.2AI score0.04632EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.1 views

Astra Linux – Vulnerability in Node.js

Undici is an HTTP/1.1 client, developed from scratch for Node.js. Undici clears the Authorization and Proxy-Authorization headers for fetch, but does not clear them for undici.request. This vulnerability was fixed in versions 5.28.4 and 6.11.1...

4.3CVSS6.6AI score0.00734EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in python-urllib3

urllib3 is a user-friendly HTTP client library for Python. When using urllib3’s proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3’s proxy support, it’s possible to accidental...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.6 views

Azure Linux 3.0 Security Update: python-pip / python-urllib3 / python3 (CVE-2024-37891)

The version of python-pip / python-urllib3 / python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-37891 advisory. - urllib3 is a user-friendly HTTP client library for Python. When using urllib3...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References2
SUSE Linux
SUSE Linux
added 2025/02/03 8:53 a.m.2 views

Security update for python-urllib3

This update for python-urllib3 fixes the following issues: CVE-2024-37891: Fixed issue where proxy-authorization request header was not stripped during cross-origin redirects bsc1226469 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

4.4CVSS7.3AI score0.01141EPSS
Exploits1References4
OSV
OSV
added 2025/02/03 8:53 a.m.0 views

SUSE-SU-2025:20037-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: - CVE-2024-37891: Fixed issue where proxy-authorization request header was not stripped during cross-origin redirects bsc1226469...

6.5CVSS6.9AI score0.01141EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/01/21 12:0 a.m.16 views

EulerOS 2.0 SP8 : python-urllib3 (EulerOS-SA-2025-1128)

According to the versions of the python-urllib3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.21 views

EulerOS 2.0 SP9 : python-urllib3 (EulerOS-SA-2025-1062)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.17 views

EulerOS 2.0 SP9 : python-urllib3 (EulerOS-SA-2025-1045)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/01/13 12:0 a.m.13 views

EulerOS 2.0 SP10 : python-urllib3 (EulerOS-SA-2025-1030)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References2
Rows per page
Query Builder