Lucene search
K

534 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/15 12:0 a.m.5 views

Amazon Linux 2 : python38-pip (ALASPYTHON3.8-2024-013)

The version of python38-pip installed on the remote host is prior to 21.0.1-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2PYTHON3.8-2024-013 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
Amazon
Amazon
added 2024/10/15 12:0 a.m.3 views

Medium: python38-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...

6.5CVSS7AI score0.01141EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/10/14 2:5 a.m.5 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/10/14 12:0 a.m.7 views

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2024-729)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-729 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
Amazon
Amazon
added 2024/10/14 12:0 a.m.3 views

Medium: python3.11-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...

6.5CVSS7.4AI score0.01141EPSS
Exploits1
Amazon
Amazon
added 2024/10/14 12:0 a.m.4 views

Medium: python-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...

6.5CVSS7.4AI score0.01141EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/10/14 12:0 a.m.17 views

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2024-730)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-730 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
Amazon
Amazon
added 2024/10/14 12:0 a.m.6 views

Medium: python3.11-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...

4.4CVSS7.4AI score0.01141EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/10/09 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2541)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.01141EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.20 views

EulerOS 2.0 SP12 : python-pip (EulerOS-SA-2024-2540)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect...

8.1CVSS6.8AI score0.01207EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.9 views

EulerOS 2.0 SP12 : python-urllib3 (EulerOS-SA-2024-2516)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.12 views

EulerOS 2.0 SP12 : python-urllib3 (EulerOS-SA-2024-2541)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/10/09 12:0 a.m.11 views

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2516)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.01141EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2024/09/27 4:34 a.m.3 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:9 p.m.45 views

Security Bulletin: Vulnerability in Python affects IBM watsonx.data

Summary Requests have been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent through the tunnel, the proxy will identify...

6.1CVSS7.2AI score0.02782EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2024/09/18 4:7 p.m.5 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.18 views

EulerOS 2.0 SP9 : python-pip (EulerOS-SA-2024-2379)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.19 views

EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2024-2451)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect...

8.1CVSS6.8AI score0.01207EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.21 views

EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2024-2428)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect...

8.1CVSS6.8AI score0.01207EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/09/05 12:0 a.m.63 views

RHEL 9 : python-urllib3 (RHSA-2024:6358)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:6358 advisory. The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3:...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References5
Rows per page
Query Builder