CVE-2014-1830

kennethreitz/requests

on github

Published

October 15, 2014

Severity

CVSS v3:

N/A

CVSS v2:

5 MEDIUM

Description

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.

References

https://github.com/kennethreitz/requests/issues/1885
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108
http://www.debian.org/security/2015/dsa-3146
http://www.mandriva.com/security/advisories?name=MDVSA-2015:133
http://advisories.mageia.org/MGASA-2014-0409.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00095.html

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:o:opensuse:opensuse:13.1:::::::*	n/a	n/a	13.1
cpe:2.3:a:python:requests::::::::	n/a	2.2.1 (including)	*

External Links

NVD - CVE-2014-1830