vulnerability
Red Hat: CVE-2023-43804: python-urllib3: Cookie request header isn't stripped during cross-origin redirects (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:S/C:C/I:C/A:N) | Oct 4, 2023 | Nov 22, 2023 | Mar 12, 2025 |
Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:N)
Published
Oct 4, 2023
Added
Nov 22, 2023
Modified
Mar 12, 2025
Description
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.
Solution(s)
redhat-upgrade-babelredhat-upgrade-cython-debugsourceredhat-upgrade-fence-agents-aliyunredhat-upgrade-fence-agents-aliyun-debuginforedhat-upgrade-fence-agents-allredhat-upgrade-fence-agents-amt-wsredhat-upgrade-fence-agents-apcredhat-upgrade-fence-agents-apc-snmpredhat-upgrade-fence-agents-awsredhat-upgrade-fence-agents-azure-armredhat-upgrade-fence-agents-bladecenterredhat-upgrade-fence-agents-brocaderedhat-upgrade-fence-agents-cisco-mdsredhat-upgrade-fence-agents-cisco-ucsredhat-upgrade-fence-agents-commonredhat-upgrade-fence-agents-computeredhat-upgrade-fence-agents-debuginforedhat-upgrade-fence-agents-debugsourceredhat-upgrade-fence-agents-drac5redhat-upgrade-fence-agents-eaton-snmpredhat-upgrade-fence-agents-emersonredhat-upgrade-fence-agents-epsredhat-upgrade-fence-agents-gceredhat-upgrade-fence-agents-heuristics-pingredhat-upgrade-fence-agents-hpbladeredhat-upgrade-fence-agents-ibm-powervsredhat-upgrade-fence-agents-ibm-vpcredhat-upgrade-fence-agents-ibmbladeredhat-upgrade-fence-agents-ifmibredhat-upgrade-fence-agents-ilo-moonshotredhat-upgrade-fence-agents-ilo-mpredhat-upgrade-fence-agents-ilo-sshredhat-upgrade-fence-agents-ilo2redhat-upgrade-fence-agents-intelmodularredhat-upgrade-fence-agents-ipduredhat-upgrade-fence-agents-ipmilanredhat-upgrade-fence-agents-kdumpredhat-upgrade-fence-agents-kdump-debuginforedhat-upgrade-fence-agents-kubevirtredhat-upgrade-fence-agents-kubevirt-debuginforedhat-upgrade-fence-agents-lparredhat-upgrade-fence-agents-mpathredhat-upgrade-fence-agents-openstackredhat-upgrade-fence-agents-redfishredhat-upgrade-fence-agents-rhevmredhat-upgrade-fence-agents-rsaredhat-upgrade-fence-agents-rsbredhat-upgrade-fence-agents-sbdredhat-upgrade-fence-agents-scsiredhat-upgrade-fence-agents-virshredhat-upgrade-fence-agents-vmware-restredhat-upgrade-fence-agents-vmware-soapredhat-upgrade-fence-agents-wtiredhat-upgrade-fence-agents-zvmredhat-upgrade-fence-virtredhat-upgrade-fence-virt-debuginforedhat-upgrade-fence-virtdredhat-upgrade-fence-virtd-cpgredhat-upgrade-fence-virtd-cpg-debuginforedhat-upgrade-fence-virtd-debuginforedhat-upgrade-fence-virtd-libvirtredhat-upgrade-fence-virtd-libvirt-debuginforedhat-upgrade-fence-virtd-multicastredhat-upgrade-fence-virtd-multicast-debuginforedhat-upgrade-fence-virtd-serialredhat-upgrade-fence-virtd-serial-debuginforedhat-upgrade-fence-virtd-tcpredhat-upgrade-fence-virtd-tcp-debuginforedhat-upgrade-ha-cloud-supportredhat-upgrade-ha-cloud-support-debuginforedhat-upgrade-ha-openstack-supportredhat-upgrade-ha-openstack-support-debuginforedhat-upgrade-numpy-debugsourceredhat-upgrade-python-cffi-debugsourceredhat-upgrade-python-coverage-debugsourceredhat-upgrade-python-cryptography-debugsourceredhat-upgrade-python-lxml-debugsourceredhat-upgrade-python-nose-docsredhat-upgrade-python-psutil-debugsourceredhat-upgrade-python-psycopg2-debuginforedhat-upgrade-python-psycopg2-debugsourceredhat-upgrade-python-psycopg2-docredhat-upgrade-python-pymongo-debuginforedhat-upgrade-python-pymongo-debugsourceredhat-upgrade-python-sqlalchemy-docredhat-upgrade-python2redhat-upgrade-python2-attrsredhat-upgrade-python2-babelredhat-upgrade-python2-backportsredhat-upgrade-python2-backports-ssl_match_hostnameredhat-upgrade-python2-bsonredhat-upgrade-python2-bson-debuginforedhat-upgrade-python2-chardetredhat-upgrade-python2-coverageredhat-upgrade-python2-coverage-debuginforedhat-upgrade-python2-cythonredhat-upgrade-python2-cython-debuginforedhat-upgrade-python2-debugredhat-upgrade-python2-debuginforedhat-upgrade-python2-debugsourceredhat-upgrade-python2-develredhat-upgrade-python2-dnsredhat-upgrade-python2-docsredhat-upgrade-python2-docs-inforedhat-upgrade-python2-docutilsredhat-upgrade-python2-funcsigsredhat-upgrade-python2-idnaredhat-upgrade-python2-ipaddressredhat-upgrade-python2-jinja2redhat-upgrade-python2-libsredhat-upgrade-python2-lxmlredhat-upgrade-python2-lxml-debuginforedhat-upgrade-python2-markupsaferedhat-upgrade-python2-mockredhat-upgrade-python2-noseredhat-upgrade-python2-numpyredhat-upgrade-python2-numpy-debuginforedhat-upgrade-python2-numpy-docredhat-upgrade-python2-numpy-f2pyredhat-upgrade-python2-pipredhat-upgrade-python2-pip-wheelredhat-upgrade-python2-pluggyredhat-upgrade-python2-psycopg2redhat-upgrade-python2-psycopg2-debugredhat-upgrade-python2-psycopg2-debug-debuginforedhat-upgrade-python2-psycopg2-debuginforedhat-upgrade-python2-psycopg2-testsredhat-upgrade-python2-pyredhat-upgrade-python2-pygmentsredhat-upgrade-python2-pymongoredhat-upgrade-python2-pymongo-debuginforedhat-upgrade-python2-pymongo-gridfsredhat-upgrade-python2-pymysqlredhat-upgrade-python2-pysocksredhat-upgrade-python2-pytestredhat-upgrade-python2-pytest-mockredhat-upgrade-python2-pytzredhat-upgrade-python2-pyyamlredhat-upgrade-python2-pyyaml-debuginforedhat-upgrade-python2-requestsredhat-upgrade-python2-rpm-macrosredhat-upgrade-python2-scipyredhat-upgrade-python2-scipy-debuginforedhat-upgrade-python2-setuptoolsredhat-upgrade-python2-setuptools-wheelredhat-upgrade-python2-setuptools_scmredhat-upgrade-python2-sixredhat-upgrade-python2-sqlalchemyredhat-upgrade-python2-testredhat-upgrade-python2-tkinterredhat-upgrade-python2-toolsredhat-upgrade-python2-urllib3redhat-upgrade-python2-virtualenvredhat-upgrade-python2-wheelredhat-upgrade-python2-wheel-wheelredhat-upgrade-python3-11-urllib3redhat-upgrade-python3-urllib3redhat-upgrade-python39redhat-upgrade-python39-attrsredhat-upgrade-python39-cffiredhat-upgrade-python39-cffi-debuginforedhat-upgrade-python39-chardetredhat-upgrade-python39-cryptographyredhat-upgrade-python39-cryptography-debuginforedhat-upgrade-python39-cythonredhat-upgrade-python39-cython-debuginforedhat-upgrade-python39-debugredhat-upgrade-python39-debuginforedhat-upgrade-python39-debugsourceredhat-upgrade-python39-develredhat-upgrade-python39-idleredhat-upgrade-python39-idnaredhat-upgrade-python39-iniconfigredhat-upgrade-python39-libsredhat-upgrade-python39-lxmlredhat-upgrade-python39-lxml-debuginforedhat-upgrade-python39-mod_wsgiredhat-upgrade-python39-more-itertoolsredhat-upgrade-python39-numpyredhat-upgrade-python39-numpy-debuginforedhat-upgrade-python39-numpy-docredhat-upgrade-python39-numpy-f2pyredhat-upgrade-python39-packagingredhat-upgrade-python39-pipredhat-upgrade-python39-pip-wheelredhat-upgrade-python39-pluggyredhat-upgrade-python39-plyredhat-upgrade-python39-psutilredhat-upgrade-python39-psutil-debuginforedhat-upgrade-python39-psycopg2redhat-upgrade-python39-psycopg2-debuginforedhat-upgrade-python39-psycopg2-docredhat-upgrade-python39-psycopg2-testsredhat-upgrade-python39-pyredhat-upgrade-python39-pybind11redhat-upgrade-python39-pybind11-develredhat-upgrade-python39-pycparserredhat-upgrade-python39-pymysqlredhat-upgrade-python39-pyparsingredhat-upgrade-python39-pysocksredhat-upgrade-python39-pytestredhat-upgrade-python39-pyyamlredhat-upgrade-python39-pyyaml-debuginforedhat-upgrade-python39-requestsredhat-upgrade-python39-rpm-macrosredhat-upgrade-python39-scipyredhat-upgrade-python39-scipy-debuginforedhat-upgrade-python39-setuptoolsredhat-upgrade-python39-setuptools-wheelredhat-upgrade-python39-sixredhat-upgrade-python39-testredhat-upgrade-python39-tkinterredhat-upgrade-python39-tomlredhat-upgrade-python39-urllib3redhat-upgrade-python39-wcwidthredhat-upgrade-python39-wheelredhat-upgrade-python39-wheel-wheelredhat-upgrade-pyyaml-debugsourceredhat-upgrade-scipy-debugsource
References
- NVD-CVE-2023-43804
- REDHAT-RHSA-2023:7378
- REDHAT-RHSA-2023:7385
- REDHAT-RHSA-2023:7407
- REDHAT-RHSA-2023:7528
- REDHAT-RHSA-2023:7753
- REDHAT-RHSA-2024:0116
- REDHAT-RHSA-2024:0133
- REDHAT-RHSA-2024:0300
- REDHAT-RHSA-2024:0464
- REDHAT-RHSA-2024:0588
- REDHAT-RHSA-2024:2159
- REDHAT-RHSA-2024:2985
- REDHAT-RHSA-2024:2986
- REDHAT-RHSA-2024:2987
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.