CVE-2014-1829

kennethreitz/requests

on github

Published

October 15, 2014

Severity

CVSS v3:

N/A

CVSS v2:

5 MEDIUM

Description

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.

References

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:o:debian:debian_linux:7.0:::::::*	n/a	n/a	7.0
cpe:2.3:a:python:requests::::::::	n/a	2.2.1 (including)	*
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::	n/a	n/a	14.04
cpe:2.3:o:mageia:mageia:4.0:::::::*	n/a	n/a	4.0

External Links

NVD - CVE-2014-1829