Lucene search
K

175 matches found

RedHat Linux
RedHat Linux
added 2024/11/19 1:27 a.m.3 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/11/19 1:25 a.m.4 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/11/12 10:24 a.m.5 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/11/11 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2024-0347)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.8AI score0.01141EPSS
Exploits1References3
OSV
OSV
added 2024/11/08 10:9 p.m.8 views

MGASA-2024-0347 Updated python-urllib3 packages fix security vulnerability

When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...

6.5CVSS5.1AI score0.01141EPSS
Exploits1References2
Mageia
Mageia
added 2024/11/08 10:9 p.m.30 views

Updated python-urllib3 packages fix security vulnerability

When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...

6.5CVSS7.3AI score0.01141EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/11/05 5:49 p.m.5 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/11/05 2:46 a.m.6 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/11/05 2:35 a.m.4 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/10/31 12:0 a.m.12 views

Amazon Linux 2023 : python3-urllib3 (ALAS2023-2024-747)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-747 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
Amazon
Amazon
added 2024/10/31 12:0 a.m.6 views

Medium: python-urllib3

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...

4.4CVSS7.4AI score0.01141EPSS
Exploits1
OSV
OSV
added 2024/10/29 3:4 p.m.3 views

USN-7084-1 python-urllib3 vulnerability

It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References2
OSV
OSV
added 2024/10/28 7:9 p.m.4 views

CLSA-2024-1730142536 python-urllib3: Fix of CVE-2024-37891

CVE-2024-37891: strip Proxy-Authorization header on redirects...

6.5CVSS6.9AI score0.01141EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2024/10/28 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2761)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.01141EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/27 12:0 a.m.11 views

EulerOS Virtualization 2.12.0 : python-urllib3 (EulerOS-SA-2024-2779)

According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/27 12:0 a.m.11 views

EulerOS Virtualization 2.12.1 : python-urllib3 (EulerOS-SA-2024-2761)

According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References2
OSV
OSV
added 2024/10/21 12:12 p.m.5 views

CLSA-2024-1729512774 python-pip: Fix of CVE-2024-37891

CVE-2024-37891: strip Proxy-Authorization header on redirects...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.8 views

Amazon Linux 2 : python-pip (ALAS-2024-2652)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2652 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However,...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
Amazon
Amazon
added 2024/10/15 12:0 a.m.3 views

Medium: python38-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...

6.5CVSS7AI score0.01141EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/10/14 2:5 a.m.6 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

6.5CVSS6.7AI score0.01141EPSS
Exploits1References4
Rows per page
Query Builder