RLSA-2024:5309 Moderate: python-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 For more details about the security issues, including the impact, a...

python3.12-urllib3 security update

An update is available for python3.12-urllib3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list urllib3 is a powerful, user-friendly HTTP client for Python. urlli...

SUSE-SU-2024:1837-1 Security update for nodejs16

This update for nodejs16 fixes the following issues: - CVE-2024-30260: undici: proxy-authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline bsc1222530 - CVE-2024-30261: undici: Ensure that integrity cannot be tampered with bsc1222603...

SUSE-SU-2024:1309-1 Security update for nodejs18

This update for nodejs18 fixes the following issues: Update to 18.20.1 Security fixes: - CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::Http2Session that could lead to HTTP/2 server crash bsc1222244 - CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscatio...