Linux Distros Unpatched Vulnerability : CVE-2022-23607

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient...

OPENSUSE-SU-2024:11806-1 python310-treq-22.1.0-1.1 on GA media

These are all security issues fixed in the python310-treq-22.1.0-1.1 package on the GA media of openSUSE Tumbleweed...

FreeBSD : py-treq -- sensitive information leak vulnerability (181f5e49-b71d-4527-9464-d4624d69acc3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 181f5e49-b71d-4527-9464-d4624d69acc3 advisory. - treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request...

SUSE CVE-2022-23607

treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to every domain...

OPENSUSE-SU-2022:10098-1 Security update for python-treq

This update for python-treq fixes the following issues: - Fixed CVE-2022-23607 boo1195432 binding cookies to the domain...

Security update for python-treq (moderate)

openSUSE Security Update: Security update for python-treq Announcement ID: openSUSE-SU-2022:10098-1 Rating: moderate References: 1195432 Cross-References: CVE-2022-23607 CVSS scores: CVE-2022-23607 NVD : 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N Affected Products: openSUSE Backports...

Debian: Security Advisory (DLA-2954-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2954-1] python-treq security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2954-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb March 18, 2022 https://wiki.debian.org/LTS -...

DLA-2954-1 python-treq - security update

Bulletin has no description...

Debian DLA-2954-1 : python-treq - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2954 advisory. - treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient construct...

Information Disclosure

treq is vulnerable to information disclosure. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor passes a dictionary as the cookies argument, leaking information upon an HTTP redirect to a different domain., e.g. should https://example.com redirect to...

DEBIAN-CVE-2022-23607

treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to every domain...

CVE-2022-23607

treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to every domain...

CVE-2022-23607

treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to every domain...

Design/Logic Flaw

treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to every domain...

CVE-2022-23607

treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to every domain...

UBUNTU-CVE-2022-23607

treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to every domain...

PYSEC-2022-26

treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to every domain...

buildbot-fossil (=0.3.0), epcpm (>=2019.2.3 <=2021.7.0) +4 more potentially affected by CVE-2022-23607 via treq (>=21.1.0 <=21.5.0)

treq PYPI version =21.1.0, =2019.2.3, =0.0.0, =0.8.0, =0.8.0, =1.0.2, =1.1.2 Source cves: CVE-2022-23607 Source advisory: OSV:PYSEC-2022-26...

CVE-2022-23607

treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods treq.get, treq.post, etc. and treq.client.HTTPClient constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to every domain...