High severity7.5NVD Advisory· Published Oct 9, 2018· Updated Jun 17, 2026
CVE-2018-18074
CVE-2018-18074
Description
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
requestsPyPI | < 2.20.0 | 2.20.0 |
Affected products
222- ghsa-coords222 versionspkg:pypi/requestspkg:rpm/almalinux/python2-attrspkg:rpm/almalinux/python2-chardetpkg:rpm/almalinux/python2-coveragepkg:rpm/almalinux/python2-Cythonpkg:rpm/almalinux/python2-dnspkg:rpm/almalinux/python2-docspkg:rpm/almalinux/python2-docs-infopkg:rpm/almalinux/python2-docutilspkg:rpm/almalinux/python2-funcsigspkg:rpm/almalinux/python2-idnapkg:rpm/almalinux/python2-ipaddresspkg:rpm/almalinux/python2-markupsafepkg:rpm/almalinux/python2-mockpkg:rpm/almalinux/python2-pluggypkg:rpm/almalinux/python2-psycopg2pkg:rpm/almalinux/python2-psycopg2-debugpkg:rpm/almalinux/python2-psycopg2-testspkg:rpm/almalinux/python2-pypkg:rpm/almalinux/python2-PyMySQLpkg:rpm/almalinux/python2-pysockspkg:rpm/almalinux/python2-pytestpkg:rpm/almalinux/python2-pytest-mockpkg:rpm/almalinux/python2-pytzpkg:rpm/almalinux/python2-pyyamlpkg:rpm/almalinux/python2-requestspkg:rpm/almalinux/python2-rpm-macrospkg:rpm/almalinux/python2-setuptools_scmpkg:rpm/almalinux/python3-requestspkg:rpm/almalinux/python-psycopg2-docpkg:rpm/opensuse/python-requests&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/python-requests-test&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/python3-requests&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python3-requests&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/python3-requests&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/python3-requests&distro=SUSE%20Manager%20Proxy%203.2pkg:rpm/suse/python3-requests&distro=SUSE%20Manager%20Server%203.2pkg:rpm/suse/python3-requests&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python3-requests&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python3-requests&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-asn1crypto&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP1pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-asn1crypto&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-asn1crypto&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-asn1crypto&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-aws-sam-translator&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-botocore&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-botocore&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-botocore&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-certifi&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-certifi&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/python-certifi&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/python-certifi&distro=SUSE%20Manager%20Proxy%203.2pkg:rpm/suse/python-certifi&distro=SUSE%20Manager%20Server%203.2pkg:rpm/suse/python-certifi&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-certifi&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-certifi&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-cfn-lint&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-chardet&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-chardet&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/python-chardet&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/python-chardet&distro=SUSE%20Manager%20Proxy%203.2pkg:rpm/suse/python-chardet&distro=SUSE%20Manager%20Server%203.2pkg:rpm/suse/python-chardet&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-chardet&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-chardet&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-docutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-functools32&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-jsonpatch&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-jsonpatch&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-jsonpatch&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-jsonpatch&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-jsonpatch&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-jsonpointer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-jsonpointer&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-jsonpointer&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-jsonpointer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-jsonpointer&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-jsonschema&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-packaging&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-packaging&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP1pkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-packaging&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-packaging&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-packaging&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-packaging&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-pyparsing&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP1pkg:rpm/suse/python-pyparsing&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/python-pyparsing&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-pyparsing&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python-pyparsing&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/python-pyparsing&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-pyparsing&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-PyYAML&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-PyYAML&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP1pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Advanced%20Systems%20Management%2012pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2012pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2012%20SP2pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-PyYAML&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-PyYAML&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/python-PyYAML&distro=SUSE%20Manager%20Proxy%203.2pkg:rpm/suse/python-PyYAML&distro=SUSE%20Manager%20Server%203.2pkg:rpm/suse/python-PyYAML&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-PyYAML&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-PyYAML&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-requests&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP4pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Advanced%20Systems%20Management%2012pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-requests&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/python-requests&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/python-requests&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-requests&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-requests&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-requests&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-requests&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-s3transfer&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-urllib3&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-urllib3&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/python-urllib3&distro=SUSE%20Manager%20Proxy%203.2pkg:rpm/suse/python-urllib3&distro=SUSE%20Manager%20Server%203.2pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
< 2.20.0+ 221 more
- (no CPE)range: < 2.20.0
- (no CPE)range: < 17.4.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.0.4-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 4.5.1-4.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.28.1-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.15.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.16-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.16-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.14-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.18-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.23-19.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.0.0-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.6.0-8.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.5.3-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.8.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.6.8-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.4.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.9.0-4.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2017.2-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.12-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.20.0-3.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3-38.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.15.7-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.20.0-2.1.el8_1
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.20.1-lp151.2.3.1
- (no CPE)range: < 2.20.1-lp151.2.3.1
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 2.20.1-5.2
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 0.24.0-2.5.1
- (no CPE)range: < 1.11.0-2.3.1
- (no CPE)range: < 1.9.213-14.9.1
- (no CPE)range: < 1.12.213-28.12.1
- (no CPE)range: < 1.12.213-28.12.1
- (no CPE)range: < 1.12.213-28.12.1
- (no CPE)range: < 1.12.213-28.12.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 2018.4.16-3.6.1
- (no CPE)range: < 0.21.4-2.3.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 3.0.4-5.6.1
- (no CPE)range: < 0.15.2-3.4.2
- (no CPE)range: < 3.2.3.2-2.6.1
- (no CPE)range: < 1.1-10.4.1
- (no CPE)range: < 1.1-10.4.1
- (no CPE)range: < 1.1-10.4.1
- (no CPE)range: < 1.1-10.4.1
- (no CPE)range: < 1.1-10.4.1
- (no CPE)range: < 1.0-10.3.1
- (no CPE)range: < 1.0-10.3.1
- (no CPE)range: < 1.0-10.3.1
- (no CPE)range: < 1.0-10.3.1
- (no CPE)range: < 1.0-10.3.1
- (no CPE)range: < 2.6.0-5.3.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 17.1-2.5.1
- (no CPE)range: < 2.2.0-7.6.1
- (no CPE)range: < 2.2.0-7.6.1
- (no CPE)range: < 2.2.0-7.6.1
- (no CPE)range: < 2.2.0-7.6.1
- (no CPE)range: < 2.2.0-7.6.1
- (no CPE)range: < 2.2.0-7.6.1
- (no CPE)range: < 2.2.0-7.6.1
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 5.1.2-26.9.4
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.20.1-8.7.7
- (no CPE)range: < 2.18.4-150000.3.3.1
- (no CPE)range: < 2.18.4-150000.3.3.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.20.1-6.3.2
- (no CPE)range: < 2.20.1-8.7.7
- (no CPE)range: < 2.20.1-6.3.2
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.20.1-8.7.7
- (no CPE)range: < 2.18.4-150000.3.3.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.20.1-8.7.7
- (no CPE)range: < 2.18.4-150000.3.3.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.20.1-4.3.1
- (no CPE)range: < 2.11.1-6.31.1
- (no CPE)range: < 2.20.1-4.3.1
- (no CPE)range: < 0.2.1-8.3.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
- (no CPE)range: < 1.22-3.20.1
Patches
Vulnerability mechanics
References
15- github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ffnvdPatchThird Party AdvisoryWEB
- github.com/requests/requests/pull/4718nvdPatchThird Party AdvisoryWEB
- bugs.debian.org/910766nvdExploitIssue TrackingPatchThird Party AdvisoryWEB
- github.com/requests/requests/issues/4716nvdExploitPatchThird Party AdvisoryWEB
- docs.python-requests.org/en/master/community/updates/nvdRelease NotesThird Party AdvisoryWEB
- lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.htmlnvdMailing ListThird Party AdvisoryWEB
- access.redhat.com/errata/RHSA-2019:2035nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-x84v-xcm2-53pgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-18074ghsaADVISORY
- usn.ubuntu.com/3790-1/nvdThird Party Advisory
- usn.ubuntu.com/3790-2/nvdThird Party Advisory
- github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2018-28.yamlghsaWEB
- usn.ubuntu.com/3790-1ghsaWEB
- usn.ubuntu.com/3790-2ghsaWEB
- www.oracle.com/security-alerts/cpujul2022.htmlnvdWEB
News mentions
0No linked articles in our index yet.