Количество 47
Количество 47
BDU:2019-02105
Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю установить SSL-соединение
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is po ...
GHSA-r64q-w8jr-g9qp
Improper Neutralization of CRLF Sequences in urllib3 library for Python
BDU:2020-01062
Уязвимость модуля urllib3 интерпретатора языка программирования Python, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP hea ...
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVE-2018-18074
The Requests package before 2.20.0 for Python sends an HTTP Authorizat ...
GHSA-www2-v7xj-xrc6
Exposure of Sensitive Information to an Unauthorized Actor in urllib3
BDU:2019-02104
Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками управления регистрационными данными, позволяющая нарушителю раскрыть защищаемую информацию
openSUSE-SU-2019:1754-1
Security update for python-requests
SUSE-SU-2022:1819-1
Security update for python-requests
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2019-02105 Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю установить SSL-соединение | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
 | CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
 | CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.5 | 1% Низкий | больше 6 лет назад |
 | CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
 | CVSS3: 6.1 | 1% Низкий | больше 4 лет назад | |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is po ... | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
| GHSA-r64q-w8jr-g9qp Improper Neutralization of CRLF Sequences in urllib3 library for Python | CVSS3: 6.1 | 1% Низкий | около 3 лет назад |
| BDU:2020-01062 Уязвимость модуля urllib3 интерпретатора языка программирования Python, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
| CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | CVSS3: 5.3 | 0% Низкий | около 7 лет назад |
| CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP hea ... | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | CVSS3: 2.6 | 0% Низкий | почти 7 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| CVE-2018-18074 The Requests package before 2.20.0 for Python sends an HTTP Authorizat ... | CVSS3: 7.5 | 0% Низкий | больше 6 лет назад |
| GHSA-www2-v7xj-xrc6 Exposure of Sensitive Information to an Unauthorized Actor in urllib3 | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| BDU:2019-02104 Уязвимость модуля urllib3 интерпретатора языка программирования Python, связанная с ошибками управления регистрационными данными, позволяющая нарушителю раскрыть защищаемую информацию | CVSS3: 9.8 | 0% Низкий | около 6 лет назад |
 | openSUSE-SU-2019:1754-1 Security update for python-requests | 0% Низкий | почти 6 лет назад | |
| SUSE-SU-2022:1819-1 Security update for python-requests | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу