Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

Gentoo FoundationMGASA-2023-0210

HistoryJun 28, 2023 - 8:21 a.m.

Vulners
/
Mageia
/
Updated python-requests packages fix security vulnerability

Updated python-requests packages fix security vulnerability

2023-06-2808:21:41

Gentoo Foundation

advisories.mageia.org

112

python

requests

security

vulnerability

fix

unix

proxy

credentials

destination server

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

51.8%

JSON

Forwarding proxy credentials to the destination server unintentionally (CVE-2023-32681)

OSVersionArchitecturePackageVersionFilename
Mageia8noarchpython-requests< 2.25.1-1.2python-requests-2.25.1-1.2.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	python-requests	< 2.25.1-1.2	python-requests-2.25.1-1.2.mga8

References

bugs.mageia.org/show_bug.cgi?id=32032

ubuntu.com/security/notices/USN-6155-1

www.debian.org/lts/security/2023/dla-3456

cve 1

fedora 3

osv 12

nessus 64

redhat 26

ibm 28

openvas 35

redhatcve 1

ubuntucve 1

oraclelinux 5

veracode 1

debiancve 1

githubexploit 1

rocky 1

almalinux 5

prion 1

cgr 1

ubuntu 2

amazon 2

cbl_mariner 2

redos 1

cvelist 1

gentoo 1

debian 1

nvd 1

github 1

cve

CVE-2023-32681

2023-05-26 18:15:14

fedora

[SECURITY] Fedora 38 Update: mingw-python-requests-2.31.0-1.fc38

2023-06-04 01:23:19

[SECURITY] Fedora 38 Update: python-requests-2.28.2-2.fc38

2023-05-25 01:12:12

[SECURITY] Fedora 37 Update: python-requests-2.28.1-3.fc37

2023-05-27 01:26:55

osv

PYSEC-2023-74

2023-05-26 18:15:00

Unintended leak of Proxy-Authorization header in requests

2023-05-22 20:36:32

CVE-2023-32681

2023-05-26 18:15:14

nessus

Ubuntu 16.04 ESM / 18.04 ESM : Requests vulnerability (USN-6155-2)

2023-06-15 00:00:00

Amazon Linux 2 : python3-requests (ALAS-2023-2111)

2023-07-20 00:00:00

Oracle Linux 8 : python27:2.7 (ELSA-2023-7042)

2023-11-21 00:00:00

redhat

(RHSA-2023:4520) Moderate: python-requests security update

2023-08-08 07:20:58

(RHSA-2023:7042) Moderate: python27:2.7 security and bug fix update

2023-11-14 08:43:31

(RHSA-2024:0299) Moderate: python-requests security update

2024-01-18 16:11:51

ibm

Security Bulletin: IBM Maximo Application Suite uses requests-2.28.2-py3-none-any.whl which is vulnerable to CVE-2023-32681

2023-12-14 20:31:55

Security Bulletin: Vulnerability in requests-2.27.1.tar.gz affects IBM Integrated Analytics System [CVE-2023-32681]

2023-06-12 07:14:20

Security Bulletin: A vulnerability in python-request affects IBM Robotic Process Automation for Cloud Pak and may result in an attacker obtaining sensitive information (CVE-2023-32681)

2023-09-20 14:08:13

openvas

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2023-2969)

2023-10-13 00:00:00

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2023-2596)

2023-08-08 00:00:00

Huawei EulerOS: Security Advisory for python-requests (EulerOS-SA-2023-3451)

2023-12-15 00:00:00

redhatcve

CVE-2023-32681

2023-05-24 03:40:09

ubuntucve

CVE-2023-32681

2023-05-26 00:00:00

oraclelinux

python27:2.7 security and bug fix update

2023-11-18 00:00:00

python-requests security update

2023-08-11 00:00:00

python-requests security update

2023-08-02 00:00:00

veracode

Unintended Leaks Of Proxy-Authorization Header

2023-05-24 02:21:58

debiancve

CVE-2023-32681

2023-05-26 18:15:14

githubexploit

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Python Requests

2023-07-22 05:24:58

rocky

python-requests security update

2023-08-28 18:40:41

almalinux

Moderate: python27:2.7 security and bug fix update

2023-11-14 00:00:00

Moderate: python-requests security update

2023-08-08 00:00:00

Moderate: python-requests security update

2023-08-01 00:00:00

prion

Design/Logic Flaw

2023-05-26 18:15:00

cgr

CVE-2023-32681 vulnerabilities

2024-05-19 03:07:16

ubuntu

Requests vulnerability

2023-06-15 00:00:00

Requests vulnerability

2023-06-12 00:00:00

amazon

Medium: python3-requests

2023-07-05 22:01:00

Medium: python-requests

2023-07-05 22:01:00

cbl_mariner

CVE-2023-32681 affecting package python-requests for versions less than 2.27.1-6

2023-06-27 20:56:13

CVE-2023-32681 affecting package python-requests 2.22.0-2

2023-06-27 21:25:25

redos

ROS-20240408-11

2024-04-08 00:00:00

cvelist

CVE-2023-32681 Unintended leak of Proxy-Authorization header in requests

2023-05-26 17:02:52

gentoo

Requests: Information Leak

2023-09-17 00:00:00

debian

[SECURITY] [DLA 3456-1] requests security update

2023-06-18 16:06:44

nvd

CVE-2023-32681

2023-05-26 18:15:14

github

Unintended leak of Proxy-Authorization header in requests

2023-05-22 20:36:32

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

51.8%

JSON

Related for MGASA-2023-0210