EUVD-2019-19301

Malware in sbrugna...

EUVD-2019-8136

Malware in sbrugna...

Moderate: Red Hat Security Advisory: RHOSP 17.1.4 (python-requests) security update

An update for python-requests is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Malicious code in fake-usreagant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ef713dc551a4b2eb9b0c94b270f4c214aa90e688076e15bb263b3bb5f3b8484b Package imitates the legitimate fake-useragent, however it has a few suspicious additions: fake.py L149 calls a function from 'urllib2' module, which contains ...

MAL-2024-12270 Malicious code in fake-usreagant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ef713dc551a4b2eb9b0c94b270f4c214aa90e688076e15bb263b3bb5f3b8484b Package imitates the legitimate fake-useragent, however it has a few suspicious additions: fake.py L149 calls a function from 'urllib2' module, which contains ...

CLSA-2024-1723146030 Fix CVE(s): CVE-2021-3733

SECURITY UPDATE: Regular Expression Denial of Service - debian/patches/CVE-2021-3733.patch: Fix ReDoS vulnerability in AbstractBasicAuthHandler class of Lib/urllib2.py - CVE-2021-3733...

Rocky Linux 8 : python27:2.7 (RLSA-2019:3335)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:3335 advisory. - In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. CVE-2019-11236 - The...

Debian dla-3610 : python-urllib3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3610 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3610-1 [email protected]...

Oracle Linux 6 : python (ELSA-2011-0554)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0554 advisory. - rebase to 2.6.6: which contains the big whitespace cleanup of r81031 http://www.python.org/download/releases/2.6.6/ - fixup patch 102, patch 11, patc...

[SECURITY] Fedora 37 Update: python-requests-2.28.1-3.fc37

Most existing Python modules for sending HTTP requests are extremely verbose and cumbersome. Python=EF=BF=BD=EF=BF=BD=EF=BF=BDs built-in urllib2 module provid es most of the HTTP capabilities you should need, but the API is thoroughly broken. This library is designed to make HTTP requests easy fo...

[SECURITY] Fedora 38 Update: python-requests-2.28.2-2.fc38

Most existing Python modules for sending HTTP requests are extremely verbose and cumbersome. Python=EF=BF=BD=EF=BF=BD=EF=BF=BDs built-in urllib2 module provid es most of the HTTP capabilities you should need, but the API is thoroughly broken. This library is designed to make HTTP requests easy fo...

K75910138: Python vulnerabilities CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, and CVE-2012-1150

Security Advisory Description CVE-2011-1521 The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service...

SUSE CVE-2011-1521

The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service resource consumption via a crafted URL, as...

SUSE CVE-2019-9740

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the query string after a ? charact...

SUSE CVE-2019-9947

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the path component of a URL that...

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2022:4281-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4281-1 advisory. - An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF...

Python Multiple Vulnerabilities (May 2011) - Linux

Python is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

Python < 2.7.10, 3.x < 3.3.7, 3.4.x < 3.4.4 HTTP Header Injection Vulnerability (bpo-22928) - Linux

Python is prone to a HTTP header injection vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

The vulnerability of the urllib2 module in the Python programming language arises from insufficient neutralization of special elements in requests, allowing attackers to compromise data integrity.

The vulnerability of the urllib2 module in the Python programming language is related to the injection of CRLF characters. Exploiting this vulnerability allows an attacker to compromise the integrity of data...

The vulnerability of the urllib2 module in the Python programming language, related to the failure to eliminate the crlf sequence, allows attackers to compromise data integrity.

The vulnerability of the urllib2 module in the Python programming language is related to the lack of measures taken to neutralize the crlf sequence. Exploiting this vulnerability can allow an attacker to compromise data integrity remotely...