Количество 47
Количество 47
BDU:2019-02105
Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю установить SSL-соединение
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP hea ...
GHSA-www2-v7xj-xrc6
Exposure of Sensitive Information to an Unauthorized Actor in urllib3
BDU:2019-02104
Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками управления регистрационными данными, позволяющая нарушителю раскрыть защищаемую информацию
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorizat ...
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is po ...
openSUSE-SU-2019:1754-1
Security update for python-requests
SUSE-SU-2022:1819-1
Security update for python-requests
SUSE-SU-2022:1448-1
Security update for python-requests
SUSE-SU-2020:0555-1
Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2019-02105 Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю установить SSL-соединение | CVSS3: 7.5 | 2% Низкий | больше 6 лет назад |
 | CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
 | CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | CVSS3: 5.3 | 0% Низкий | больше 7 лет назад |
 | CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP hea ... | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| GHSA-www2-v7xj-xrc6 Exposure of Sensitive Information to an Unauthorized Actor in urllib3 | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| BDU:2019-02104 Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками управления регистрационными данными, позволяющая нарушителю раскрыть защищаемую информацию | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | CVSS3: 7.5 | 0% Низкий | почти 7 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | CVSS3: 2.6 | 0% Низкий | около 7 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | CVSS3: 7.5 | 0% Низкий | почти 7 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorizat ... | CVSS3: 7.5 | 0% Низкий | почти 7 лет назад |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.5 | 1% Низкий | больше 6 лет назад |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
 | CVSS3: 6.1 | 1% Низкий | больше 4 лет назад | |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is po ... | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
 | openSUSE-SU-2019:1754-1 Security update for python-requests | 0% Низкий | около 6 лет назад | |
| SUSE-SU-2022:1819-1 Security update for python-requests | 0% Низкий | около 3 лет назад | |
| SUSE-SU-2022:1448-1 Security update for python-requests | 0% Низкий | больше 3 лет назад | |
| SUSE-SU-2020:0555-1 Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу