EulerOS 2.0 SP2 : python-urllib3 (EulerOS-SA-2020-1643)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1643)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : python-pip on SL7.x (noarch) (20200512)

Security Fixes : - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 - python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-11236 - python-urllib3:...

Moderate: Red Hat Security Advisory: python-pip security update

An update for python-pip is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure

urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext...

RHEL 7 : python-pip (RHSA-2020:2068)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2068 advisory. pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python...

RHEL 7 : python-virtualenv (RHSA-2020:2081)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2081 advisory. The virtualenv tool creates isolated Python environments. The virtualenv tool is a successor to workingenv, and an extension of...

python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter...

Moderate: Red Hat Security Advisory: python-pip security update

An update for python-pip is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 8 : python27:2.7 (RHSA-2020:1605)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1605 advisory. Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic...

EulerOS Virtualization for ARM 64 3.0.6.0 : python-urllib3 (EulerOS-SA-2020-1340)

According to the version of the python-urllib3 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1340)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : python-virtualenv (RHSA-2020:0851)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0851 advisory. - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect...

CentOS 7 : python-pip (RHSA-2020:0850)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0850 advisory. - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect...

python security update

CentOS Errata and Security Advisory CESA-2020:0851 An update for python-virtualenv is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

EulerOS Virtualization 3.0.2.2 : python-urllib3 (EulerOS-SA-2020-1277)

According to the version of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request...

Oracle Linux 7 : python-virtualenv (ELSA-2020-0851)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0851 advisory. 15.1.0-4 - Bump Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1643829 15.1.0-3 - Add three new patches for CVEs in bundled urllib3 and...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2020-1277)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : python-pip (ELSA-2020-0850)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0850 advisory. 9.0.3-7 - Bump Resolves: rhbz1649153 Resolves: rhbz1700824 Resolves: rhbz1702473 Resolves: rhbz1643829 9.0.3-6 - Add four new patches for CVEs in bundl...

python3 security update

CentOS Errata and Security Advisory CESA-2020:0850 An update for python-pip is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...