Количество 28
Количество 28
ELSA-2019-2272
ELSA-2019-2272: python-urllib3 security update (MODERATE)
ELSA-2020-2081
ELSA-2020-2081: python-virtualenv security update (MODERATE)
ELSA-2020-0851
ELSA-2020-0851: python-virtualenv security update (MODERATE)
openSUSE-SU-2019:2131-1
Security update for python-urllib3
SUSE-SU-2019:2370-1
Security update for python-urllib3
SUSE-SU-2019:2331-1
Security update for python-urllib3
ELSA-2020-2068
ELSA-2020-2068: python-pip security update (MODERATE)
ELSA-2020-1916
ELSA-2020-1916: python-pip security update (MODERATE)
ELSA-2020-0850
ELSA-2020-0850: python-pip security update (MODERATE)
ELSA-2020-1605
ELSA-2020-1605: python27:2.7 security, bug fix, and enhancement update (MODERATE)
RLSA-2020:1605
Moderate: python27:2.7 security, bug fix, and enhancement update
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP hea ...
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-11236
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is po ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2019-2272 ELSA-2019-2272: python-urllib3 security update (MODERATE) | почти 6 лет назад | ||
| ELSA-2020-2081 ELSA-2020-2081: python-virtualenv security update (MODERATE) | около 5 лет назад | ||
| ELSA-2020-0851 ELSA-2020-0851: python-virtualenv security update (MODERATE) | больше 5 лет назад | ||
 | openSUSE-SU-2019:2131-1 Security update for python-urllib3 | почти 6 лет назад | ||
| SUSE-SU-2019:2370-1 Security update for python-urllib3 | почти 6 лет назад | ||
| SUSE-SU-2019:2331-1 Security update for python-urllib3 | почти 6 лет назад | ||
| ELSA-2020-2068 ELSA-2020-2068: python-pip security update (MODERATE) | около 5 лет назад | ||
| ELSA-2020-1916 ELSA-2020-1916: python-pip security update (MODERATE) | около 5 лет назад | ||
| ELSA-2020-0850 ELSA-2020-0850: python-pip security update (MODERATE) | больше 5 лет назад | ||
| ELSA-2020-1605 ELSA-2020-1605: python27:2.7 security, bug fix, and enhancement update (MODERATE) | около 5 лет назад | ||
 | RLSA-2020:1605 Moderate: python27:2.7 security, bug fix, and enhancement update | около 5 лет назад | ||
 | CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
 | CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | CVSS3: 5.3 | 0% Низкий | около 7 лет назад |
 | CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| CVE-2018-20060 urllib3 before version 1.23 does not remove the Authorization HTTP hea ... | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.5 | 1% Низкий | больше 6 лет назад |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
 | CVSS3: 6.1 | 1% Низкий | больше 4 лет назад | |
| CVE-2019-11236 In the urllib3 library through 1.24.1 for Python, CRLF injection is po ... | CVSS3: 6.1 | 1% Низкий | около 6 лет назад |
Уязвимостей на страницу