vulnerability
Red Hat: CVE-2024-47081: requests: Requests vulnerable to .netrc credentials leak via malicious URLs (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:H/Au:N/C:C/I:N/A:N) | Jun 9, 2025 | Jul 9, 2025 | Jan 28, 2026 |
Severity
5
CVSS
(AV:N/AC:H/Au:N/C:C/I:N/A:N)
Published
Jun 9, 2025
Added
Jul 9, 2025
Modified
Jan 28, 2026
Description
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.
Solutions
no-fix-redhat-rpm-packageredhat-upgrade-fence-agents-aliyunredhat-upgrade-fence-agents-aliyun-debuginforedhat-upgrade-fence-agents-allredhat-upgrade-fence-agents-amt-wsredhat-upgrade-fence-agents-apcredhat-upgrade-fence-agents-apc-snmpredhat-upgrade-fence-agents-awsredhat-upgrade-fence-agents-azure-armredhat-upgrade-fence-agents-azure-arm-debuginforedhat-upgrade-fence-agents-bladecenterredhat-upgrade-fence-agents-brocaderedhat-upgrade-fence-agents-cisco-mdsredhat-upgrade-fence-agents-cisco-ucsredhat-upgrade-fence-agents-commonredhat-upgrade-fence-agents-computeredhat-upgrade-fence-agents-debuginforedhat-upgrade-fence-agents-debugsourceredhat-upgrade-fence-agents-drac5redhat-upgrade-fence-agents-eaton-snmpredhat-upgrade-fence-agents-emersonredhat-upgrade-fence-agents-epsredhat-upgrade-fence-agents-gceredhat-upgrade-fence-agents-heuristics-pingredhat-upgrade-fence-agents-hpbladeredhat-upgrade-fence-agents-ibm-powervsredhat-upgrade-fence-agents-ibm-vpcredhat-upgrade-fence-agents-ibmbladeredhat-upgrade-fence-agents-ifmibredhat-upgrade-fence-agents-ilo-moonshotredhat-upgrade-fence-agents-ilo-mpredhat-upgrade-fence-agents-ilo-sshredhat-upgrade-fence-agents-ilo2redhat-upgrade-fence-agents-intelmodularredhat-upgrade-fence-agents-ipduredhat-upgrade-fence-agents-ipmilanredhat-upgrade-fence-agents-kdumpredhat-upgrade-fence-agents-kdump-debuginforedhat-upgrade-fence-agents-kubevirtredhat-upgrade-fence-agents-kubevirt-debuginforedhat-upgrade-fence-agents-lparredhat-upgrade-fence-agents-mpathredhat-upgrade-fence-agents-openstackredhat-upgrade-fence-agents-redfishredhat-upgrade-fence-agents-rhevmredhat-upgrade-fence-agents-rsaredhat-upgrade-fence-agents-rsbredhat-upgrade-fence-agents-sbdredhat-upgrade-fence-agents-scsiredhat-upgrade-fence-agents-virshredhat-upgrade-fence-agents-vmware-restredhat-upgrade-fence-agents-vmware-soapredhat-upgrade-fence-agents-wtiredhat-upgrade-fence-agents-zvmredhat-upgrade-python3-requestsredhat-upgrade-python3-requests-securityredhat-upgrade-python3-requests-socksredhat-upgrade-resource-agentsredhat-upgrade-resource-agents-aliyunredhat-upgrade-resource-agents-aliyun-debuginforedhat-upgrade-resource-agents-debuginforedhat-upgrade-resource-agents-debugsourceredhat-upgrade-resource-agents-gcpredhat-upgrade-resource-agents-paf
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.