Vulnerabilities related to python - requests
cve-2014-1830
Vulnerability from cvelistv5
Published
2014-10-15 14:00
Modified
2024-08-06 09:50
Severity ?
EPSS score ?
Summary
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.
References
▼ | URL | Tags |
---|---|---|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108 | x_refsource_CONFIRM | |
http://www.mandriva.com/security/advisories?name=MDVSA-2015:133 | vendor-advisory, x_refsource_MANDRIVA | |
http://lists.opensuse.org/opensuse-updates/2016-01/msg00095.html | vendor-advisory, x_refsource_SUSE | |
https://github.com/kennethreitz/requests/issues/1885 | x_refsource_CONFIRM | |
http://www.debian.org/security/2015/dsa-3146 | vendor-advisory, x_refsource_DEBIAN | |
http://advisories.mageia.org/MGASA-2014-0409.html | x_refsource_CONFIRM |
cve-2023-32681
Vulnerability from cvelistv5
Published
2023-05-26 17:02
Modified
2025-02-13 16:54
Severity ?
EPSS score ?
Summary
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.
References
▼ | URL | Tags |
---|---|---|
https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q | x_refsource_CONFIRM | |
https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5 | x_refsource_MISC | |
https://github.com/psf/requests/releases/tag/v2.31.0 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/ | | |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/ | | |
https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html | | |
https://security.gentoo.org/glsa/202309-08 | |
Affected: psf requests >= 2.3.0, < 2.31.0
CVSS 3.1 base score 6.1 (MEDIUM), vector CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N; CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Source advisory: GHSA-j8r2-6x86-q33q (title: Unintended leak of Proxy-Authorization header in requests)
cve-2018-18074
Vulnerability from cvelistv5
Published
2018-10-09 15:00
Modified
2024-08-05 11:01
Severity ?
EPSS score ?
Summary
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
References
▼ | URL | Tags |
---|---|---|
https://usn.ubuntu.com/3790-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://usn.ubuntu.com/3790-2/ | vendor-advisory, x_refsource_UBUNTU | |
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://access.redhat.com/errata/RHSA-2019:2035 | vendor-advisory, x_refsource_REDHAT | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
http://docs.python-requests.org/en/master/community/updates/#release-and-version-history | x_refsource_CONFIRM | |
https://bugs.debian.org/910766 | x_refsource_MISC | |
https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff | x_refsource_MISC | |
https://github.com/requests/requests/issues/4716 | x_refsource_MISC | |
https://github.com/requests/requests/pull/4718 | x_refsource_MISC |
cve-2015-2296
Vulnerability from cvelistv5
Published
2015-03-18 16:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.
References
▼ | URL | Tags |
---|---|---|
http://www.openwall.com/lists/oss-security/2015/03/15/1 | mailing-list, x_refsource_MLIST | |
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html | vendor-advisory, x_refsource_FEDORA | |
http://www.mandriva.com/security/advisories?name=MDVSA-2015:133 | vendor-advisory, x_refsource_MANDRIVA | |
http://www.openwall.com/lists/oss-security/2015/03/14/4 | mailing-list, x_refsource_MLIST | |
http://www.ubuntu.com/usn/USN-2531-1 | vendor-advisory, x_refsource_UBUNTU | |
https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc | x_refsource_CONFIRM | |
http://advisories.mageia.org/MGASA-2015-0120.html | x_refsource_CONFIRM | |
https://warehouse.python.org/project/requests/2.6.0/ | x_refsource_CONFIRM |
cve-2014-1829
Vulnerability from cvelistv5
Published
2014-10-15 14:00
Modified
2024-08-06 09:50
Severity ?
EPSS score ?
Summary
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.
References
▼ | URL | Tags |
---|---|---|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108 | x_refsource_CONFIRM | |
http://www.mandriva.com/security/advisories?name=MDVSA-2015:133 | vendor-advisory, x_refsource_MANDRIVA | |
http://www.ubuntu.com/usn/USN-2382-1 | vendor-advisory, x_refsource_UBUNTU | |
https://github.com/kennethreitz/requests/issues/1885 | x_refsource_CONFIRM | |
http://www.debian.org/security/2015/dsa-3146 | vendor-advisory, x_refsource_DEBIAN | |
http://advisories.mageia.org/MGASA-2014-0409.html | x_refsource_CONFIRM |
Vulnerability from fkie_nvd
Published
2014-10-15 14:55
Modified
2024-11-21 02:05
Severity ?
Summary
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.
References
▼ | URL | Tags |
---|---|---|
http://advisories.mageia.org/MGASA-2014-0409.html | Third Party Advisory | |
http://www.debian.org/security/2015/dsa-3146 | Third Party Advisory | |
http://www.mandriva.com/security/advisories?name=MDVSA-2015:133 | Broken Link | |
http://www.ubuntu.com/usn/USN-2382-1 | Third Party Advisory | |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108 | Issue Tracking | |
https://github.com/kennethreitz/requests/issues/1885 | Issue Tracking, Patch | |
CVSS 2.0 base score 5.0 (MEDIUM), vector AV:N/AC:L/Au:N/C:P/I:N/A:N; CWE-200
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 7.0 | |
python | requests | * (versionEndIncluding 2.2.1) | |
canonical | ubuntu_linux | 14.04 | |
mageia | mageia | 4.0 |
Vulnerability from fkie_nvd
Published
2014-10-15 14:55
Modified
2024-11-21 02:05
Severity ?
Summary
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:python:requests:*:*:*:*:*:*:*:*", matchCriteriaId: "79441BF0-F885-4440-B795-5F59EFBD53BE", versionEndIncluding: "2.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.", }, { lang: "es", value: "Requests (también conocido como python-requests) anterior a 2.3.0 permite a servidores remotos obtener información sensible leyendo la cabecera en 'Proxy-Authorization' con una petición de redirección.", }, ], id: "CVE-2014-1830", lastModified: "2024-11-21T02:05:06.840", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-10-15T14:55:05.447", references: [ { source: "cve@mitre.org", url: "http://advisories.mageia.org/MGASA-2014-0409.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00095.html", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2015/dsa-3146", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], 
url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108", }, { source: "cve@mitre.org", url: "https://github.com/kennethreitz/requests/issues/1885", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://advisories.mageia.org/MGASA-2014-0409.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-01/msg00095.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2015/dsa-3146", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/kennethreitz/requests/issues/1885", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-10-09 17:29
Modified
2024-11-21 03:55
Severity ?
Summary
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
References
Impacted products
Vendor | Product | Version
---|---|---
python | requests | *
canonical | ubuntu_linux | 14.04
canonical | ubuntu_linux | 16.04
canonical | ubuntu_linux | 18.04
canonical | ubuntu_linux | 18.10
opensuse | leap | 15.1
redhat | enterprise_linux_desktop | 7.0
redhat | enterprise_linux_server | 7.0
redhat | enterprise_linux_workstation | 7.0
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:python:requests:*:*:*:*:*:*:*:*", matchCriteriaId: "7CFBA4E8-EE3D-413C-8175-43F7E42960CA", versionEndExcluding: "2.20.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.", }, { lang: "es", value: "El paquete Requests antes de 
la versión 2.20.0 para Python envía una cabecera de autorización HTTP a un URI http al recibir una redirección same-hostname https-to-http, lo que facilita que los atacantes remotos descibran las credenciales esnifando la red.", }, ], id: "CVE-2018-18074", lastModified: "2024-11-21T03:55:26.530", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-10-09T17:29:01.897", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "http://docs.python-requests.org/en/master/community/updates/#release-and-version-history", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2035", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.debian.org/910766", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party 
Advisory", ], url: "https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/requests/requests/issues/4716", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/requests/requests/pull/4718", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3790-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3790-2/", }, { source: "cve@mitre.org", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "http://docs.python-requests.org/en/master/community/updates/#release-and-version-history", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2035", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.debian.org/910766", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/requests/requests/issues/4716", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/requests/requests/pull/4718", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: 
"https://usn.ubuntu.com/3790-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3790-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-26 18:15
Modified
2025-02-13 17:16
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
Summary
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.
References
Impacted products
Vendor | Product | Version
---|---|---
python | requests | *
fedoraproject | fedora | 37
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:python:requests:*:*:*:*:*:*:*:*", matchCriteriaId: "15530292-B507-496D-B36E-0CA89A7037C6", versionEndExcluding: "2.31.0", versionStartIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.", }, { lang: "es", value: "Requests es una librería HTTP. Desde Requests 2.3.0, Requests ha estado filtrando cabeceras Proxy-Authorization a los servidores de destino cuando se redirige a un endpoint HTTPS. Esto es producto de cómo usamos `rebuild_proxies` para volver a adjuntar la cabecera `Proxy-Authorization` a las peticiones. Para conexiones HTTP enviadas a través del túnel, el proxy identificará la cabecera en la propia petición y la eliminará antes de reenviarla al servidor de destino. 
Sin embargo, cuando se envía a través de HTTPS, la cabecera `Proxy-Authorization` debe enviarse en la solicitud CONNECT, ya que el proxy no tiene visibilidad sobre la solicitud en túnel. Esto provoca que las solicitudes reenvíen las credenciales del proxy al servidor de destino de forma no intencionada, lo que permite a un actor malicioso filtrar información confidencial. Este problema se ha corregido en la versión 2.31.0.", }, ], id: "CVE-2023-32681", lastModified: "2025-02-13T17:16:32.583", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 4, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-05-26T18:15:14.147", references: [ { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5", }, { source: "security-advisories@github.com", tags: [ "Release Notes", ], url: "https://github.com/psf/requests/releases/tag/v2.31.0", }, { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q", }, { source: "security-advisories@github.com", url: 
"https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/", }, { source: "security-advisories@github.com", url: "https://security.gentoo.org/glsa/202309-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/psf/requests/releases/tag/v2.31.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/202309-08", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], 
source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-18 16:59
Modified
2024-11-21 02:27
Severity ?
Summary
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.
References
Impacted products
Vendor | Product | Version
---|---|---
mageia_project | mageia | 4.0
python | requests | 2.1.0
python | requests | 2.2.1
python | requests | 2.3.0
python | requests | 2.4.0
python | requests | 2.4.1
python | requests | 2.4.2
python | requests | 2.4.3
python | requests | 2.5.0
python | requests | 2.5.1
python | requests | 2.5.2
python | requests | 2.5.3
canonical | ubuntu_linux | 14.04
canonical | ubuntu_linux | 14.10
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mageia_project:mageia:4.0:*:*:*:*:*:*:*", matchCriteriaId: "A7D2FA5A-6EC3-490B-A6A5-C498C889E30D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:python:requests:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "FEFEBF18-876A-4E3C-A30B-71577B9938CE", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "18282B8E-738F-495C-B990-F70D0F0F8F8B", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "2DE39CDB-643B-4126-9CA2-9C50337BBF58", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.4.0:*:*:*:*:*:*:*", matchCriteriaId: "425B2FDF-69C3-4C0C-8972-E41EC457F791", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.4.1:*:*:*:*:*:*:*", matchCriteriaId: "BB05BA9A-23AE-49D4-A1E7-96F8964A3BFF", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.4.2:*:*:*:*:*:*:*", matchCriteriaId: "800BD957-9C00-41F9-BD04-485698BD55D4", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.4.3:*:*:*:*:*:*:*", matchCriteriaId: "6FA61528-1797-44A2-99FA-F24866B4A663", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.5.0:*:*:*:*:*:*:*", matchCriteriaId: "544C8C6B-0532-4D06-8A50-6C629B5C48F9", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D34A4A03-6B83-4FED-91DF-73D3DC895879", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4016F80B-6EB3-4C5B-B2A6-483A24E9E70C", vulnerable: true, }, { criteria: "cpe:2.3:a:python:requests:2.5.3:*:*:*:*:*:*:*", matchCriteriaId: "330946FA-38DC-4797-AEB3-0B038B828F9A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, 
}, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.", }, { lang: "es", value: "La función resolve_redirects en sessions.py en requests 2.1.0 hasta 2.5.3 permite a atacantes remotos realizar ataques de fijación de sesión a través de una cookie sin valor de anfitrión en una redirección.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/384.html\">CWE-384: Session Fixation</a>", id: "CVE-2015-2296", lastModified: "2024-11-21T02:27:10.147", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-18T16:59:03.517", references: [ { source: "cve@mitre.org", url: "http://advisories.mageia.org/MGASA-2015-0120.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/03/14/4", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2015/03/15/1", }, { source: "cve@mitre.org", url: 
"http://www.ubuntu.com/usn/USN-2531-1", }, { source: "cve@mitre.org", url: "https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://warehouse.python.org/project/requests/2.6.0/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://advisories.mageia.org/MGASA-2015-0120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/03/14/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/03/15/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2531-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://warehouse.python.org/project/requests/2.6.0/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }