5 matches found
OESA-2026-2629 python-pip security update
%changelog Sat Jul 13 2024 yangyuan [email protected] - 23.3.1-2 - Fix CVE-2023-45803 and CVE-2024-37891 Security Fixes: A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel...
CVE-2024-37891
creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/ 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/...
Medium: python3.13-pip
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...
MiracleLinux 7 : python-pip-9.0.3-8.0.1.el7.AXS7 (AXSA:2024-8982:05)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8982:05 advisory. CVE-2024-37891: strip Proxy-Authorization header on redirects CVEs: CVE-2024-37891 urllib3 is a user-friendly HTTP client library for Python. When using...
0xdegenmo-lighter-mcp (=0.1.1), 1337x (=1.2.5) +1192 more potentially affected by CVE-2024-37891 via urllib3 (>=2.0.0 <=2.2.1)
urllib3 PYPI version =2.0.0, =1.1.2, =0.1.2, =1.0.0, =2.6.4, =0.1.2, =0.0.1, =0.1.1, =0.0.5, =0.0.9 - agl-ocr-reader =1.1.1 - ahvac =1.15.0 and more Source cves: CVE-2024-37891 Source advisory: OSV:GHSA-34JH-P97F-MPXF...