[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2020:0850-01 -- Redhat python-pip

ID: oval:org.secpod.oval:def:503555Date: (C)2020-03-20   (M)2023-10-12
Class: PATCHFamily: unix




TODO: add package description Security Fix: * python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure * python-urllib3: CRLF injection due to not encoding the "\r\n" sequence leading to possible attack on internal service * python-urllib3: Certification mishandle when error should be thrown * python-requests: Redirect from HTTPS to HTTP does not remove Authorization header For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

Platform:
Red Hat Enterprise Linux 7
Product:
python-pip
Reference:
RHSA-2020:0850-01
CVE-2018-18074
CVE-2018-20060
CVE-2019-11236
CVE-2019-11324
CVE    4
CVE-2018-18074
CVE-2018-20060
CVE-2019-11236
CVE-2019-11324
...

© SecPod Technologies