CVE-2014-1829

Опубликовано: 15 окт. 2014

Источник: debian

Описание

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
requests	fixed	2.3.0-1		package

Примечания

https://github.com/kennethreitz/requests/issues/1885

Связанные уязвимости

CVE-2014-1829

ubuntu

больше 11 лет назад

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.

CVE-2014-1829

redhat

около 12 лет назад

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.

CVE-2014-1829

nvd

больше 11 лет назад

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.

GHSA-cfj3-7x9c-4p3h

CVSS3: 5.3

github

больше 3 лет назад

Exposure of Sensitive Information to an Unauthorized Actor in Requests