Linux Distros Unpatched Vulnerability : CVE-2024-37891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to...

RHEL 9 : python3.11-urllib3 (RHSA-2024:9922)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9922 advisory. The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3:...

Moderate: Red Hat Security Advisory: python3.11-urllib3 security update

An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

MGASA-2024-0347 Updated python-urllib3 packages fix security vulnerability

When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...

EulerOS 2.0 SP12 : python-urllib3 (EulerOS-SA-2024-2541)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

Moderate: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

SUSE: Security Advisory (SUSE-SU-2024:2662-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-45803 affecting package python-urllib3 for versions less than 1.26.18-1

CVE-2023-45803 affecting package python-urllib3 for versions less than 1.26.18-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-43804 affecting package python-urllib3 for versions less than 1.26.18-1

CVE-2023-43804 affecting package python-urllib3 for versions less than 1.26.18-1. An upgraded version of the package is available that resolves this issue...

Rocky Linux 8 : python-urllib3 (RLSA-2021:1631)

The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2021:1631 advisory. - urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the...

MGASA-2021-0377 Updated python-urllib3 package fixes security vulnerabilities

The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy if an SSLContext isn't given via proxyconfig doesn't verify the hostname of the certificate. This means certificates for...

Updated python-urllib3 packages fix security vulnerability

It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts CVE-2018-20060. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacke...