Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Request Security Vulnerabilities - November

cve
cve

CVE-2017-16026

Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request >=2.2.6 <2.47.0 || >2.51.0 <=2.67.0.

5.9CVSS

5.6AI Score

0.002EPSS

2018-06-04 07:29 PM
40
cve
cve

CVE-2023-28155

The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

6.1CVSS

6.1AI Score

0.001EPSS

2023-03-16 03:15 PM
164
cve
cve

CVE-2024-35195

Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verify....

5.6CVSS

6.1AI Score

0.0004EPSS

2024-05-20 09:15 PM
49