USN-7762-1: pip vulnerabilities

Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information. This update addresses the issue in the Requests module bundled into pip in Ubuntu 22.04 LTS. CVE-2023-32681 I...

ROS-20250724-09

A vulnerability in the urllib3 module of the Python programming language interpreter is related to incorrect implementation of the Redirect object when processing redirects and retries. implementation of the Redirect object when processing redirects and retries. Exploitation of the vulnerability...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : pip vulnerability (USN-7084-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7084-2 advisory. USN-7084-1 fixed vulnerability in urllib3. This update provides the corresponding update for the urllib3...

ROS-20240412-04

A vulnerability in Salt's configuration management and remote execution system is related to the copying a script along a predictable path. Exploitation of the vulnerability could allow an attacker, acting remotely to run their own script. A vulnerability in the symbolic.py component of the Pytho...

Advisory ROSA-SA-2023-2203

Software: python 2.7.5 OS: rosa-server79 packageevrstring: python-2.7.5-93.res7 CVE-ID: CVE-2023-24329 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A problem in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blacklisting methods by providing a URL that starts with empty...