vulnerability
Oracle Linux: CVE-2024-47081: ELSA-2025-12519: python-requests security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:H/Au:N/C:C/I:N/A:N) | Jun 9, 2025 | Aug 5, 2025 | Sep 5, 2025 |
Severity
5
CVSS
(AV:N/AC:H/Au:N/C:C/I:N/A:N)
Published
Jun 9, 2025
Added
Aug 5, 2025
Modified
Sep 5, 2025
Description
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.
A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue.
A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue.
Solutions
oracle-linux-upgrade-fence-agents-alloracle-linux-upgrade-fence-agents-amt-wsoracle-linux-upgrade-fence-agents-apcoracle-linux-upgrade-fence-agents-apc-snmporacle-linux-upgrade-fence-agents-bladecenteroracle-linux-upgrade-fence-agents-brocadeoracle-linux-upgrade-fence-agents-cisco-mdsoracle-linux-upgrade-fence-agents-cisco-ucsoracle-linux-upgrade-fence-agents-commonoracle-linux-upgrade-fence-agents-computeoracle-linux-upgrade-fence-agents-drac5oracle-linux-upgrade-fence-agents-eaton-snmporacle-linux-upgrade-fence-agents-emersonoracle-linux-upgrade-fence-agents-epsoracle-linux-upgrade-fence-agents-heuristics-pingoracle-linux-upgrade-fence-agents-hpbladeoracle-linux-upgrade-fence-agents-ibmbladeoracle-linux-upgrade-fence-agents-ibm-powervsoracle-linux-upgrade-fence-agents-ibm-vpcoracle-linux-upgrade-fence-agents-ifmiboracle-linux-upgrade-fence-agents-ilo2oracle-linux-upgrade-fence-agents-ilo-moonshotoracle-linux-upgrade-fence-agents-ilo-mporacle-linux-upgrade-fence-agents-ilo-sshoracle-linux-upgrade-fence-agents-intelmodularoracle-linux-upgrade-fence-agents-ipduoracle-linux-upgrade-fence-agents-ipmilanoracle-linux-upgrade-fence-agents-kdumporacle-linux-upgrade-fence-agents-kubevirtoracle-linux-upgrade-fence-agents-lparoracle-linux-upgrade-fence-agents-mpathoracle-linux-upgrade-fence-agents-redfishoracle-linux-upgrade-fence-agents-rhevmoracle-linux-upgrade-fence-agents-rsaoracle-linux-upgrade-fence-agents-rsboracle-linux-upgrade-fence-agents-sbdoracle-linux-upgrade-fence-agents-scsioracle-linux-upgrade-fence-agents-virshoracle-linux-upgrade-fence-agents-vmware-restoracle-linux-upgrade-fence-agents-vmware-soaporacle-linux-upgrade-fence-agents-wtioracle-linux-upgrade-python3-requestsoracle-linux-upgrade-python3-requests-securityoracle-linux-upgrade-python3-requests-socksoracle-linux-upgrade-resource-agents
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.