10 matches found
ROOT-APP-PYPI-CVE-2026-25645 CVE-2026-25645 in rootio-requests - Patched by Root
Root has patched CVE-2026-25645 in the rootio-requests package for Root:PyPI. Multiple fixed versions available...
EulerOS Virtualization 2.13.0 : python-requests (EulerOS-SA-2026-2417)
According to the versions of the python-requests packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility function uses a...
Security update for python-requests (moderate)
openSUSE security update: security update for python-requests ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20926-1 Rating: moderate References: bsc1260589 Cross-References: CVE-2026-25645 CVSS scores: CVE-2026-25645 SUSE : 5.5...
OESA-2026-2362 python-pip security update
%changelog Thu Apr 9 2026 yixiangzhike [email protected] - 23.3.1-10 - Fix CVE-2026-25645 Security Fixes: pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavio...
Security Bulletin: There is a vulnerability in requests-2.32.5-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-25645)
Summary There is a vulnerability in requests-2.32.5-py3-none-any.whlused by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-25645 DESCRIPTION: Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility...
Security update for python-requests
This update for python-requests fixes the following issues: CVE-2026-25645: extractzippedpaths uses predictable filenames when extracting files from zip archives and reuses target files that already exist without validation bsc1260589. Patch Instructions: To install this SUSE update use the SUSE...
OESA-2026-1909 python-pip security update
%changelog Fri Feb 13 2026 Linuxzhang [email protected] - 23.3.1-9 - Fix CVE-2026-21441 Security Fixes: Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility function uses a predictable filename when extracting files from zip archives into the system...
GHSA-5QVP-PR9F-2G2V poetry-plugin-tweak-dependencies-version affected by CVE-2026-25645
Pin vulnerable version of requests library...
CVE-2026-25645
creationtimestamp| type| source ---|---|--- 2026-03-30 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0381/ 2026-03-31 14:45:18+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mieg3xyw3g26...
CVE-2026-25645 vulnerabilities
Vulnerabilities for packages: py3-pipenv, pypy-3.11, kubeflow-katib, tensorflow-cpu-jupyter, jwt-tool, dask-kubernetes, airflow, emissary, confluent-docker-utils, datadog-agent, semgrep, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, az, k8s-sidecar, ggshield, superset, jupyter-base-notebook...