Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-47081

Опубликовано: 09 июн. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.3

Описание

Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with trust_env=False on one's Requests Session.

РелизСтатусПримечание
devel

pending

25.1.1+dfsg-1ubuntu2
esm-apps/bionic

not-affected

9.0.1-2.3~ubuntu1.18.04.8+esm7
esm-apps/focal

not-affected

20.0.2-5ubuntu1.11+esm3
esm-apps/jammy

released

22.0.2+dfsg-1ubuntu0.7
esm-apps/noble

released

24.0+dfsg-1ubuntu1.3
esm-apps/xenial

not-affected

8.1.1-2ubuntu0.6+esm11
esm-infra-legacy/trusty

not-affected

1.5.4-1ubuntu4+esm5
jammy

released

22.0.2+dfsg-1ubuntu0.7
noble

released

24.0+dfsg-1ubuntu1.3
oracular

ignored

end of life, was needed

Показывать по

РелизСтатусПримечание
devel

released

2.32.3+dfsg-5ubuntu2
esm-infra-legacy/trusty

released

2.2.1-1ubuntu0.4+esm1
esm-infra/bionic

released

2.18.4-2ubuntu0.1+esm2
esm-infra/focal

released

2.22.0-2ubuntu1.1+esm1
esm-infra/xenial

released

2.9.1-3ubuntu0.1+esm2
jammy

released

2.25.1+dfsg-2ubuntu0.3
noble

released

2.31.0+dfsg-1ubuntu1.1
oracular

released

2.32.3+dfsg-1ubuntu1.1
plucky

released

2.32.3+dfsg-4ubuntu1.1
questing

released

2.32.3+dfsg-5ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 29%
0.00104
Низкий

5.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2024-47081

CVSS3: 5.3
redhat
5 месяцев назад

Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

nvd логотип

CVE-2024-47081

CVSS3: 5.3
nvd
5 месяцев назад

Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.

msrc логотип

CVE-2024-47081

CVSS3: 5.3
msrc
4 месяца назад

Requests vulnerable to .netrc credentials leak via malicious URLs

debian логотип

CVE-2024-47081

CVSS3: 5.3
debian
5 месяцев назад

Requests is a HTTP library. Due to a URL parsing issue, Requests relea ...

suse-cvrf логотип

SUSE-SU-2025:02205-1

suse-cvrf
4 месяца назад

Security update for python-requests

EPSS

Процентиль: 29%
0.00104
Низкий

5.3 Medium

CVSS3