vulnerability
Oracle Solaris 11: CVE-2018-18074: Vulnerability in Requests
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Oct 9, 2018 | Nov 20, 2019 | Feb 17, 2022 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Oct 9, 2018
Added
Nov 20, 2019
Modified
Feb 17, 2022
Description
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
Solutions
oracle-solaris-11-4-upgrade-library-python-requests-2-9-1-11-4-15-0-1-1-0oracle-solaris-11-4-upgrade-library-python-requests-27-2-9-1-11-4-15-0-1-1-0oracle-solaris-11-4-upgrade-library-python-requests-34-2-9-1-11-4-15-0-1-1-0oracle-solaris-11-4-upgrade-library-python-requests-35-2-9-1-11-4-15-0-1-1-0oracle-solaris-11-4-upgrade-library-python-requests-37-2-9-1-11-4-15-0-1-1-0
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.