175 matches found
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...
Mageia: Security Advisory (MGASA-2024-0347)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2024-0347 Updated python-urllib3 packages fix security vulnerability
When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...
Updated python-urllib3 packages fix security vulnerability
When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...
Amazon Linux 2023 : python3-urllib3 (ALAS2023-2024-747)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-747 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However...
Medium: python-urllib3
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...
USN-7084-1 python-urllib3 vulnerability
It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information...
CLSA-2024-1730142536 python-urllib3: Fix of CVE-2024-37891
CVE-2024-37891: strip Proxy-Authorization header on redirects...
Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2761)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.12.0 : python-urllib3 (EulerOS-SA-2024-2779)
According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...
EulerOS Virtualization 2.12.1 : python-urllib3 (EulerOS-SA-2024-2761)
According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...
CLSA-2024-1729512774 python-pip: Fix of CVE-2024-37891
CVE-2024-37891: strip Proxy-Authorization header on redirects...
Amazon Linux 2 : python-pip (ALAS-2024-2652)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2652 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However,...
Medium: python38-pip
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...