Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/10401?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10401?format=api", "vulnerability_id": "VCID-a3cx-5ju5-27ez", "summary": "Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.", "aliases": [ { "alias": "CVE-2023-32681" }, { "alias": "GHSA-j8r2-6x86-q33q" }, { "alias": "PYSEC-2023-74" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937752?format=api", "purl": "pkg:deb/debian/requests@2.31.0%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/requests@2.31.0%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/994775?format=api", "purl": "pkg:deb/debian/requests@2.32.3%2Bdfsg-5%2Bdeb13u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/requests@2.32.3%252Bdfsg-5%252Bdeb13u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/937749?format=api", "purl": "pkg:deb/debian/requests@2.32.3%2Bdfsg-5%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/requests@2.32.3%252Bdfsg-5%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/937748?format=api", "purl": "pkg:deb/debian/requests@2.32.5%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/requests@2.32.5%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/79235?format=api", "purl": "pkg:ebuild/dev-python/requests@2.31.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/requests@2.31.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35191?format=api", "purl": "pkg:pypi/requests@2.31.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.31.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937747?format=api", "purl": "pkg:deb/debian/requests@2.25.1%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/requests@2.25.1%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/994773?format=api", "purl": "pkg:deb/debian/requests@2.25.1%2Bdfsg-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/requests@2.25.1%252Bdfsg-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/937745?format=api", "purl": "pkg:deb/debian/requests@2.28.1%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/requests@2.28.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/994774?format=api", "purl": "pkg:deb/debian/requests@2.28.1%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/requests@2.28.1%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/3688?format=api", "purl": "pkg:pypi/requests@2.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-b16q-djxv-m7c2" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/3845?format=api", "purl": "pkg:pypi/requests@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-b16q-djxv-m7c2" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/3846?format=api", "purl": "pkg:pypi/requests@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-b16q-djxv-m7c2" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/3847?format=api", "purl": "pkg:pypi/requests@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-b16q-djxv-m7c2" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/3848?format=api", "purl": "pkg:pypi/requests@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-b16q-djxv-m7c2" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/3849?format=api", "purl": "pkg:pypi/requests@2.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-b16q-djxv-m7c2" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/3850?format=api", "purl": "pkg:pypi/requests@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-b16q-djxv-m7c2" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/3851?format=api", "purl": "pkg:pypi/requests@2.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-b16q-djxv-m7c2" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/3852?format=api", "purl": "pkg:pypi/requests@2.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-b16q-djxv-m7c2" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/3853?format=api", "purl": "pkg:pypi/requests@2.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7316?format=api", "purl": "pkg:pypi/requests@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7317?format=api", "purl": "pkg:pypi/requests@2.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.6.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/7318?format=api", "purl": "pkg:pypi/requests@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7319?format=api", "purl": "pkg:pypi/requests@2.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7320?format=api", "purl": "pkg:pypi/requests@2.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7321?format=api", "purl": "pkg:pypi/requests@2.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7322?format=api", "purl": "pkg:pypi/requests@2.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7323?format=api", "purl": "pkg:pypi/requests@2.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/7324?format=api", "purl": "pkg:pypi/requests@2.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7325?format=api", "purl": "pkg:pypi/requests@2.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7326?format=api", "purl": "pkg:pypi/requests@2.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7327?format=api", "purl": "pkg:pypi/requests@2.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7328?format=api", "purl": "pkg:pypi/requests@2.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7329?format=api", "purl": "pkg:pypi/requests@2.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/7330?format=api", "purl": "pkg:pypi/requests@2.12.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.12.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/7331?format=api", "purl": "pkg:pypi/requests@2.12.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.12.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/7332?format=api", "purl": "pkg:pypi/requests@2.12.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.12.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/7333?format=api", "purl": "pkg:pypi/requests@2.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7334?format=api", "purl": "pkg:pypi/requests@2.14.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7335?format=api", "purl": "pkg:pypi/requests@2.14.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.14.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7336?format=api", "purl": "pkg:pypi/requests@2.14.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.14.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/7337?format=api", "purl": "pkg:pypi/requests@2.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.15.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7338?format=api", "purl": "pkg:pypi/requests@2.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.15.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7339?format=api", "purl": "pkg:pypi/requests@2.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7340?format=api", "purl": "pkg:pypi/requests@2.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.16.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7341?format=api", "purl": "pkg:pypi/requests@2.16.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.16.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/7342?format=api", "purl": "pkg:pypi/requests@2.16.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.16.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/7343?format=api", "purl": "pkg:pypi/requests@2.16.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.16.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/7344?format=api", "purl": "pkg:pypi/requests@2.16.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.16.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/7345?format=api", "purl": "pkg:pypi/requests@2.17.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.17.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7346?format=api", "purl": "pkg:pypi/requests@2.17.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.17.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7347?format=api", "purl": "pkg:pypi/requests@2.17.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.17.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/7348?format=api", "purl": "pkg:pypi/requests@2.17.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.17.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/7349?format=api", "purl": "pkg:pypi/requests@2.18.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.18.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7350?format=api", "purl": "pkg:pypi/requests@2.18.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.18.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7351?format=api", "purl": "pkg:pypi/requests@2.18.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.18.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/7352?format=api", "purl": "pkg:pypi/requests@2.18.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.18.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/7353?format=api", "purl": "pkg:pypi/requests@2.18.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.18.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/7354?format=api", "purl": "pkg:pypi/requests@2.19.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.19.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/7355?format=api", "purl": "pkg:pypi/requests@2.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-pd4x-3cee-t7g3" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.19.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/7356?format=api", "purl": "pkg:pypi/requests@2.20.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.20.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35176?format=api", "purl": "pkg:pypi/requests@2.20.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.20.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/35177?format=api", "purl": "pkg:pypi/requests@2.21.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.21.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35178?format=api", "purl": "pkg:pypi/requests@2.22.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.22.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35179?format=api", "purl": "pkg:pypi/requests@2.23.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.23.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35180?format=api", "purl": "pkg:pypi/requests@2.24.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.24.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35181?format=api", "purl": "pkg:pypi/requests@2.25.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.25.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35182?format=api", "purl": "pkg:pypi/requests@2.25.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.25.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/35183?format=api", "purl": "pkg:pypi/requests@2.26.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.26.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35184?format=api", "purl": "pkg:pypi/requests@2.27.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.27.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35185?format=api", "purl": "pkg:pypi/requests@2.27.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.27.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/35186?format=api", "purl": "pkg:pypi/requests@2.28.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.28.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35187?format=api", "purl": "pkg:pypi/requests@2.28.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.28.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/35188?format=api", "purl": "pkg:pypi/requests@2.28.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.28.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/35189?format=api", "purl": "pkg:pypi/requests@2.29.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.29.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/35190?format=api", "purl": "pkg:pypi/requests@2.30.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" }, { "vulnerability": "VCID-duvn-u125-dqan" }, { "vulnerability": "VCID-stx3-z3wu-pbat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.30.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/96049?format=api", "purl": "pkg:rpm/redhat/python3x-requests@2.31.0-1?arch=el8ap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3x-requests@2.31.0-1%3Farch=el8ap" }, { "url": "http://public2.vulnerablecode.io/api/packages/96052?format=api", "purl": "pkg:rpm/redhat/python-requests@2.20.0-3?arch=el8_8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-requests@2.20.0-3%3Farch=el8_8" }, { "url": "http://public2.vulnerablecode.io/api/packages/96050?format=api", "purl": "pkg:rpm/redhat/python-requests@2.20.0-3?arch=el8_6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-requests@2.20.0-3%3Farch=el8_6" }, { "url": "http://public2.vulnerablecode.io/api/packages/96048?format=api", "purl": "pkg:rpm/redhat/python-requests@2.25.1-7?arch=el9_2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-requests@2.25.1-7%3Farch=el9_2" }, { "url": "http://public2.vulnerablecode.io/api/packages/96051?format=api", "purl": "pkg:rpm/redhat/python-requests@2.31.0-1?arch=el8pc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-requests@2.31.0-1%3Farch=el8pc" }, { "url": "http://public2.vulnerablecode.io/api/packages/96047?format=api", "purl": "pkg:rpm/redhat/rh-python38-python-requests@2.22.0-11?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a3cx-5ju5-27ez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python38-python-requests@2.22.0-11%3Farch=el7" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32681.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32681.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06121", "scoring_system": "epss", "scoring_elements": "0.9082", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06121", "scoring_system": "epss", "scoring_elements": "0.908", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06121", "scoring_system": "epss", "scoring_elements": "0.90802", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06121", "scoring_system": "epss", "scoring_elements": "0.90794", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06278", "scoring_system": "epss", "scoring_elements": "0.90915", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06278", "scoring_system": "epss", "scoring_elements": "0.90904", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06278", "scoring_system": "epss", "scoring_elements": "0.90894", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06278", "scoring_system": "epss", "scoring_elements": "0.90884", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32681" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/psf/requests", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/psf/requests" }, { "reference_url": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:35:47Z/" } ], "url": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5" }, { "reference_url": "https://github.com/psf/requests/releases/tag/v2.31.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:35:47Z/" } ], "url": "https://github.com/psf/requests/releases/tag/v2.31.0" }, { "reference_url": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:35:47Z/" } ], "url": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2023-74.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2023-74.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:35:47Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:35:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ" }, { "reference_url": "https://security.gentoo.org/glsa/202309-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:35:47Z/" } ], "url": "https://security.gentoo.org/glsa/202309-08" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036693", "reference_id": "1036693", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209469", "reference_id": "2209469", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209469" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32681", "reference_id": "CVE-2023-32681", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32681" }, { "reference_url": "https://github.com/advisories/GHSA-j8r2-6x86-q33q", "reference_id": "GHSA-j8r2-6x86-q33q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j8r2-6x86-q33q" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/", "reference_id": "KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:35:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4350", "reference_id": "RHSA-2023:4350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4520", "reference_id": "RHSA-2023:4520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4693", "reference_id": "RHSA-2023:4693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6793", "reference_id": "RHSA-2023:6793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6818", "reference_id": "RHSA-2023:6818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7034", "reference_id": "RHSA-2023:7034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7042", "reference_id": "RHSA-2023:7042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7050", "reference_id": "RHSA-2023:7050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0299", "reference_id": "RHSA-2024:0299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0299" }, { "reference_url": "https://usn.ubuntu.com/6155-1/", "reference_id": "USN-6155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6155-1/" }, { "reference_url": "https://usn.ubuntu.com/6155-2/", "reference_id": "USN-6155-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6155-2/" }, { "reference_url": "https://usn.ubuntu.com/7568-1/", "reference_id": "USN-7568-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7568-1/" }, { "reference_url": "https://usn.ubuntu.com/7762-1/", "reference_id": "USN-7762-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7762-1/" } ], "weaknesses": [ { "cwe_id": 200, "name": "Exposure of Sensitive Information to an Unauthorized Actor", "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 402, "name": "Transmission of Private Resources into a New Sphere ('Resource Leak')", "description": "The product makes resources available to untrusted parties when those resources are only intended to be accessed by the product." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3cx-5ju5-27ez" }