Количество 47
Количество 47
ELSA-2019-3335
ELSA-2019-3335: python27:2.7 security and bug fix update (MODERATE)
CVE-2019-11324
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.
CVE-2019-11324
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.
CVE-2019-11324
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.
CVE-2019-11324
The urllib3 library before 1.24.2 for Python mishandles certain cases ...
GHSA-mh33-7rrq-662w
Improper Certificate Validation in urllib3
BDU:2019-02105
Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю установить SSL-соединение
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorizat ...
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is po ...
openSUSE-SU-2019:1754-1
Security update for python-requests
SUSE-SU-2022:1819-1
Security update for python-requests
SUSE-SU-2022:1448-1
Security update for python-requests
SUSE-SU-2020:0555-1
Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2019-3335 ELSA-2019-3335: python27:2.7 security and bug fix update (MODERATE) | больше 5 лет назад | ||
 | CVE-2019-11324 The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
 | CVE-2019-11324 The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
 | CVE-2019-11324 The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
| CVE-2019-11324 The urllib3 library before 1.24.2 for Python mishandles certain cases ... | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
| GHSA-mh33-7rrq-662w Improper Certificate Validation in urllib3 | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
 | BDU:2019-02105 Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю установить SSL-соединение | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | CVSS3: 2.6 | 0% Низкий | почти 7 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorizat ... | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.5 | 1% Низкий | больше 6 лет назад |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
 | CVSS3: 6.1 | 1% Низкий | больше 4 лет назад | |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is po ... | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
 | openSUSE-SU-2019:1754-1 Security update for python-requests | 0% Низкий | почти 6 лет назад | |
| SUSE-SU-2022:1819-1 Security update for python-requests | 0% Низкий | около 3 лет назад | |
| SUSE-SU-2022:1448-1 Security update for python-requests | 0% Низкий | около 3 лет назад | |
| SUSE-SU-2020:0555-1 Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу