excon is vulnerable to information disclosure. The vulnerability exists as a race condition, whereby an attacker could cause interrupted persistent connections to leave data on the socket, allowing subsequent requests to read the content.
lists.opensuse.org/opensuse-security-announce/2020-01/msg00021.html
lists.opensuse.org/opensuse-security-announce/2020-01/msg00062.html
github.com/excon/excon/commit/ccb57d7a422f020dc74f1de4e8fb505ab46d8a29
github.com/excon/excon/security/advisories/GHSA-q58g-455p-8vw9
lists.debian.org/debian-lts-announce/2020/01/msg00015.html