| Max CVSS | 6.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-2296 | 6.8 |
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. <a href="http://cwe.mitre.org/data/definitions/384.html">CWE-38
|
18-03-2021 - 13:19 | 18-03-2015 - 16:59 | |
| CVE-2014-1830 | 5.0 |
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.
|
30-10-2018 - 16:27 | 15-10-2014 - 14:55 | |
| CVE-2014-1829 | 5.0 |
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.
|
30-08-2016 - 17:11 | 15-10-2014 - 14:55 |