USN-6473-1: urllib3 vulnerabilities

USN-6473-1: urllib3 vulnerabilities

Ubuntu security notices It was discovered that urllib3 didn’t strip HTTP Authorization header
on cross-origin redirects. A remote attacker could possibly use this
issue to obtain sensitive information. This issue only affected
Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-25091)

It was discovered that urllib3 didn’t strip HTTP Cookie header on
cross-origin redirects. A remote attacker could possibly use this
issue to obtain sensitive information. (CVE-2023-43804)

It was discovered that urllib3 didn’t strip HTTP body on status code
303 redirects under certain circumstances. A remote attacker could
possibly use this issue to obtain sensitive information. (CVE-2023-45803) Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert