Security Bulletin: There is a vulnerability in requests-2.32.5-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-25645)

Summary There is a vulnerability in requests-2.32.5-py3-none-any.whlused by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-25645 DESCRIPTION: Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses requests-2.32.2-py3-none-any.whl, requests-2.32.3-py3-none-any.whl which are vulnerable to CVE-2024-47081.

Summary IBM Maximo Application Suite - Monitor Component uses requests-2.32.2-py3-none-any.whl, requests-2.32.3-py3-none-any.whl which are vulnerable to CVE-2024-47081. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-47081...

EUVD-2014-0097

Malware in sbrugna...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses requests-2.32.3-py3-none-any.whl which is vulnerable to CVE-2024-47081

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses requests-2.32.3-py3-none-any.whl which is vulnerable to CVE-2024-47081 Vulnerability Details CVEID:CVE-2024-47081 DESCRIPTION: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior...

CVE-2024-47081

Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be...

Amazon Linux 2 : python38-pip (ALASPYTHON3.8-2024-017)

The version of python38-pip installed on the remote host is prior to 21.0.1-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2PYTHON3.8-2024-017 advisory. Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is...

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2024-780)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-780 advisory. Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the...

UBUNTU-CVE-2018-18074

The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network...