Описание
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with trust_env=False
on one's Requests Session.
Релиз | Статус | Примечание |
---|---|---|
devel | needed | |
esm-apps/bionic | needed | |
esm-apps/focal | needed | |
esm-apps/jammy | needed | |
esm-apps/noble | needed | |
esm-apps/xenial | needed | |
esm-infra-legacy/trusty | needed | |
jammy | needed | |
noble | needed | |
oracular | needed |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
devel | released | 2.32.3+dfsg-5ubuntu2 |
esm-infra-legacy/trusty | released | 2.2.1-1ubuntu0.4+esm1 |
esm-infra/bionic | released | 2.18.4-2ubuntu0.1+esm2 |
esm-infra/focal | released | 2.22.0-2ubuntu1.1+esm1 |
esm-infra/xenial | released | 2.9.1-3ubuntu0.1+esm2 |
jammy | released | 2.25.1+dfsg-2ubuntu0.3 |
noble | released | 2.31.0+dfsg-1ubuntu1.1 |
oracular | released | 2.32.3+dfsg-1ubuntu1.1 |
plucky | released | 2.32.3+dfsg-4ubuntu1.1 |
upstream | released | 2.32.4 |
Показывать по
5.3 Medium
CVSS3
Связанные уязвимости
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.
Requests is a HTTP library. Due to a URL parsing issue, Requests relea ...
5.3 Medium
CVSS3