534 matches found
Medium: python-requests
Issue Overview: A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the...
SUSE SLES12 Security Update : python-requests (SUSE-SU-2023:2865-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2865-1 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when...
Medium: python-requests
Issue Overview: A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the...
SUSE-SU-2023:2866-1 Security update for python-requests
This update for python-requests fixes the following issues: - CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header bsc1211674...
SUSE-SU-2023:2865-1 Security update for python-requests
This update for python-requests fixes the following issues: - CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header bsc1211674...
Security Bulletin: A Vulnerability in python-requests affects IBM InfoSphere Information Server (CVE-2023-32681)
Summary Python-requests is used by IBM InfoSphere Information Server. An information disclosure vulnerability in python-requests was addressed. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information, caused by the...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets (SUSE-SU-2023:2783-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-1 advisory. - aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data...
Security Bulletin: Multiple security vulnerabilities affecting Watson Knowledge Catalog for IBM Cloud Pak for Data
Summary Multiple security vulnerabilities impacting Watson Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-0842 DESCRIPTION: xml2js could allow a remote attacker to execute arbitrary code on the system, caused by a...
CBL Mariner 2.0 Security Update: python-requests (CVE-2023-32681)
The version of python-requests installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32681 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization...
Mageia: Security Advisory (MGASA-2023-0210)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality due to [CVE-2023-32681]
Summary Python module Requests is used by IBM App Connect Enterprise Certified Container for making HTTPS calls in mapping assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality. This bulletin...
MGASA-2023-0210 Updated python-requests packages fix security vulnerability
Forwarding proxy credentials to the destination server unintentionally CVE-2023-32681...
CVE-2023-32681 affecting package python-requests 2.22.0-2
CVE-2023-32681 affecting package python-requests 2.22.0-2. A patched version of the package is available...
CVE-2023-32681 affecting package python-requests for versions less than 2.27.1-6
CVE-2023-32681 affecting package python-requests for versions less than 2.27.1-6. A patched version of the package is available...
SUSE-SU-2023:2638-1 Security update for python-requests
This update for python-requests fixes the following issues: - CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header bsc1211674...
Security Bulletin: IBM Spectrum Discover is vulnerable to multiple vulnerabilities
Summary IBM has addressed multiple vulnerabilities in IBM Spectrum Discover. Webpack loader-utils CVE-2022-37601 is vulnerable to execute arbitrary code on the system caused by a pollution flaw in parseQuery function. OpenStack Keystone CVE-2021-3563 is vulnerable to bypass security restriction...
Fedora: Security Advisory for mingw-python-requests (FEDORA-2023-f3824383be)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : mingw-python-requests (2023-f3824383be)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-f3824383be advisory. Update to requests-2.31.0. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Fedora: Security Advisory for python-requests (FEDORA-2023-078e257f1c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for python-requests (FEDORA-2023-521ebb9cbb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...