523 matches found
AZL-26985 CVE-2023-32681 affecting package python-requests for versions less than 2.27.1-6
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
DEBIAN-CVE-2023-32681
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
CVE-2023-32681
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
Design/Logic Flaw
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
UBUNTU-CVE-2023-32681
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
CVE-2023-32681
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
PYSEC-2023-74
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
PYSEC-2023-74
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
CVE-2023-32681 Unintended leak of Proxy-Authorization header in requests
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
CVE-2023-32681 Unintended leak of Proxy-Authorization header in requests
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
CVE-2023-32681 Unintended leak of Proxy-Authorization header in requests
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
CVE-2023-32681
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
CVE-2023-32681
CVE-2023-32681 affects the Python-requests project: a Proxy-Authorization header can be leaked to destination servers when redirects head to HTTPS due to how rebuild_proxies reattaches credentials. The issue arises in requests before the fix and is mitigated by upgrading to version 2.31.0 or late...
SUSE CVE-2023-32681
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
Fedora 38 : python-requests (2023-521ebb9cbb)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-521ebb9cbb advisory. - Security fix for CVE-2023-32681 - https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q Tenable has extracted the preceding description...
CVE-2023-32681
A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the Proxy-Authorization...
Unintended Leaks Of Proxy-Authorization Header
requests is vulnerable to Unintended Leaks Of Proxy-Authorization Header. The vulnerability exists in the rebuildproxies function of sessions.py when the credentials are supplied in the URL user information component such as https://username:password@proxy:8080, which allows an attacker to gain...
GHSA-J8R2-6X86-Q33Q Unintended leak of Proxy-Authorization header in requests
Impact Since Requests v2.3.0, Requests has been vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the Proxy-Authorization header to...
Unintended leak of Proxy-Authorization header in requests
Impact Since Requests v2.3.0, Requests has been vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the Proxy-Authorization header to...
PT-2023-3599
Name of the Vulnerable Software and Affected Versions Requests versions 2.3.0 through 2.30.0 Description The issue is related to the leaking of Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This occurs due to how the rebuild proxies function is used to...