{"url":"http://public2.vulnerablecode.io/api/packages/46969?format=json","purl":"pkg:pypi/requests@0.7.6","type":"pypi","namespace":"","name":"requests","version":"0.7.6","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.33.0","latest_non_vulnerable_version":"2.33.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19169?format=json","vulnerability_id":"VCID-pq31-8a2c-ffg4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35195.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35195.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35195","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22403","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35195"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35195","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35195"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/psf/requests","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/psf/requests"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071593","reference_id":"1071593","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071593"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282114","reference_id":"2282114","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282114"},{"reference_url":"https://github.com/psf/requests/pull/6655","reference_id":"6655","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/"}],"url":"https://github.com/psf/requests/pull/6655"},{"reference_url":"https://github.com/psf/requests/commit/a58d7f2ffb4d00b46dca2d70a3932a0b37e22fac","reference_id":"a58d7f2ffb4d00b46dca2d70a3932a0b37e22fac","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/"}],"url":"https://github.com/psf/requests/commit/a58d7f2ffb4d00b46dca2d70a3932a0b37e22fac"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35195","reference_id":"CVE-2024-35195","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35195"},{"reference_url":"https://github.com/advisories/GHSA-9wx4-h78v-vm56","reference_id":"GHSA-9wx4-h78v-vm56","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9wx4-h78v-vm56"},{"reference_url":"https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56","reference_id":"GHSA-9wx4-h78v-vm56","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/"}],"url":"https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q/","reference_id":"IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ/","reference_id":"N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3781","reference_id":"RHSA-2024:3781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4522","reference_id":"RHSA-2024:4522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9988","reference_id":"RHSA-2024:9988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0012","reference_id":"RHSA-2025:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1335","reference_id":"RHSA-2025:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2399","reference_id":"RHSA-2025:2399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7049","reference_id":"RHSA-2025:7049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8385","reference_id":"RHSA-2025:8385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8385"},{"reference_url":"https://usn.ubuntu.com/8344-1/","reference_id":"USN-8344-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8344-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/31526?format=json","purl":"pkg:pypi/requests@2.32.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-x2yb-atfa-g7bh"},{"vulnerability":"VCID-x3gy-57jw-37at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.32.0"}],"aliases":["CVE-2024-35195","GHSA-9wx4-h78v-vm56"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pq31-8a2c-ffg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111128?format=json","vulnerability_id":"VCID-qfhw-gynq-7qbz","summary":"security update","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0409.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://advisories.mageia.org/MGASA-2014-0409.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1829.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1829.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1829","reference_id":"","reference_type":"","scores":[{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66204","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1829"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1830"},{"reference_url":"https://github.com/advisories/GHSA-cfj3-7x9c-4p3h","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cfj3-7x9c-4p3h"},{"reference_url":"https://github.com/kennethreitz/requests/issues/1885","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/kennethreitz/requests/issues/1885"},{"reference_url":"https://github.com/psf/requests","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/psf/requests"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2014-13.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2014-13.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-1829","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-1829"},{"reference_url":"https://web.archive.org/web/20150523055216/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:133/?name=MDVSA-2015:133","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523055216/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:133/?name=MDVSA-2015:133"},{"reference_url":"http://www.debian.org/security/2015/dsa-3146","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3146"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:133","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:133"},{"reference_url":"http://www.ubuntu.com/usn/USN-2382-1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2382-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046626","reference_id":"1046626","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046626"},{"reference_url":"https://usn.ubuntu.com/2382-1/","reference_id":"USN-2382-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2382-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47023?format=json","purl":"pkg:pypi/requests@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g7ep-y2e5-vyhq"},{"vulnerability":"VCID-pq31-8a2c-ffg4"},{"vulnerability":"VCID-qgc6-u7zq-v3b9"},{"vulnerability":"VCID-wpkr-axk7-93d8"},{"vulnerability":"VCID-x2yb-atfa-g7bh"},{"vulnerability":"VCID-x3gy-57jw-37at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.3.0"}],"aliases":["CVE-2014-1829","GHSA-cfj3-7x9c-4p3h","PYSEC-2014-13"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qfhw-gynq-7qbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5098?format=json","vulnerability_id":"VCID-qgc6-u7zq-v3b9","summary":"","references":[{"reference_url":"http://docs.python-requests.org/en/master/community/updates/#release-and-version-history","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://docs.python-requests.org/en/master/community/updates/#release-and-version-history"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2035","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:2035"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18074.json","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18074.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18074","reference_id":"","reference_type":"","scores":[{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41846","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18074"},{"reference_url":"https://bugs.debian.org/910766","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.debian.org/910766"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18074","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18074"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2018-28.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2018-28.yaml"},{"reference_url":"https://github.com/requests/requests","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/requests/requests"},{"reference_url":"https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff"},{"reference_url":"https://github.com/requests/requests/issues/4716","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/requests/requests/issues/4716"},{"reference_url":"https://github.com/requests/requests/pull/4718","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/requests/requests/pull/4718"},{"reference_url":"https://usn.ubuntu.com/3790-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3790-1"},{"reference_url":"https://usn.ubuntu.com/3790-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3790-1/"},{"reference_url":"https://usn.ubuntu.com/3790-2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3790-2"},{"reference_url":"https://usn.ubuntu.com/3790-2/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3790-2/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1643829","reference_id":"1643829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1643829"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910766","reference_id":"910766","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910766"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-18074","reference_id":"CVE-2018-18074","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-18074"},{"reference_url":"https://github.com/advisories/GHSA-x84v-xcm2-53pg","reference_id":"GHSA-x84v-xcm2-53pg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x84v-xcm2-53pg"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0850","reference_id":"RHSA-2020:0850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0851","reference_id":"RHSA-2020:0851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1605","reference_id":"RHSA-2020:1605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1916","reference_id":"RHSA-2020:1916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1916"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2068","reference_id":"RHSA-2020:2068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2081","reference_id":"RHSA-2020:2081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2081"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/14410?format=json","purl":"pkg:pypi/requests@2.20.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-pq31-8a2c-ffg4"},{"vulnerability":"VCID-wpkr-axk7-93d8"},{"vulnerability":"VCID-x2yb-atfa-g7bh"},{"vulnerability":"VCID-x3gy-57jw-37at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.20.0"}],"aliases":["CVE-2018-18074","GHSA-x84v-xcm2-53pg","PYSEC-2018-28"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgc6-u7zq-v3b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/361433?format=json","vulnerability_id":"VCID-vgw8-8t9n-hkcd","summary":"When using digest authentication with a wrong password, `requests` will retry the request for infinity. This makes the package vulnerable to Denial of Service (DoS).","references":[{"reference_url":"https://github.com/requests/requests/issues/541","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/requests/requests/issues/541"},{"reference_url":"https://github.com/requests/requests/pull/547","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/requests/requests/pull/547"},{"reference_url":"https://github.com/requests/requests/pull/547/commits/c3e6c41fc164d4348f8ce197bd0075aff05637af","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/requests/requests/pull/547/commits/c3e6c41fc164d4348f8ce197bd0075aff05637af"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46994?format=json","purl":"pkg:pypi/requests@0.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g7ep-y2e5-vyhq"},{"vulnerability":"VCID-pq31-8a2c-ffg4"},{"vulnerability":"VCID-qfhw-gynq-7qbz"},{"vulnerability":"VCID-qgc6-u7zq-v3b9"},{"vulnerability":"VCID-x2yb-atfa-g7bh"},{"vulnerability":"VCID-x3gy-57jw-37at"},{"vulnerability":"VCID-x417-9kdn-eqaq"},{"vulnerability":"VCID-y5wz-xsdb-1fg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@0.12.0"},{"url":"http://public2.vulnerablecode.io/api/packages/397845?format=json","purl":"pkg:pypi/requests@0.12.01","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-pq31-8a2c-ffg4"},{"vulnerability":"VCID-qfhw-gynq-7qbz"},{"vulnerability":"VCID-qgc6-u7zq-v3b9"},{"vulnerability":"VCID-x2yb-atfa-g7bh"},{"vulnerability":"VCID-x3gy-57jw-37at"},{"vulnerability":"VCID-x417-9kdn-eqaq"},{"vulnerability":"VCID-y5wz-xsdb-1fg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@0.12.01"}],"aliases":["GMS-2012-3"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vgw8-8t9n-hkcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27416?format=json","vulnerability_id":"VCID-x2yb-atfa-g7bh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25645.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25645.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25645","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00248","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25645"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25645","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25645"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/psf/requests","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/psf/requests"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25645","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25645"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132071","reference_id":"1132071","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451408","reference_id":"2451408","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451408"},{"reference_url":"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7","reference_id":"66d21cb07bd6255b1280291c4fafb71803cdb3b7","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T20:09:33Z/"}],"url":"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7"},{"reference_url":"https://github.com/advisories/GHSA-gc5v-m9x4-r6x2","reference_id":"GHSA-gc5v-m9x4-r6x2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gc5v-m9x4-r6x2"},{"reference_url":"https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2","reference_id":"GHSA-gc5v-m9x4-r6x2","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T20:09:33Z/"}],"url":"https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2"},{"reference_url":"https://github.com/psf/requests/releases/tag/v2.33.0","reference_id":"v2.33.0","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T20:09:33Z/"}],"url":"https://github.com/psf/requests/releases/tag/v2.33.0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375255?format=json","purl":"pkg:pypi/requests@2.33.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.33.0"}],"aliases":["CVE-2026-25645","GHSA-gc5v-m9x4-r6x2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x2yb-atfa-g7bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20775?format=json","vulnerability_id":"VCID-x3gy-57jw-37at","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47081.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47081.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47081","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43302","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47081"},{"reference_url":"http://seclists.org/fulldisclosure/2025/Jun/2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2025/Jun/2"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/psf/requests","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/psf/requests"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47081","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47081"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/03/11","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/03/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/03/9","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/03/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/04/1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/04/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/04/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/04/6"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107368","reference_id":"1107368","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107368"},{"reference_url":"https://seclists.org/fulldisclosure/2025/Jun/2","reference_id":"2","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T18:39:03Z/"}],"url":"https://seclists.org/fulldisclosure/2025/Jun/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2371272","reference_id":"2371272","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2371272"},{"reference_url":"https://github.com/psf/requests/pull/6965","reference_id":"6965","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T18:39:03Z/"}],"url":"https://github.com/psf/requests/pull/6965"},{"reference_url":"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef","reference_id":"96ba401c1296ab1dda74a2365ef36d88f7d144ef","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T18:39:03Z/"}],"url":"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef"},{"reference_url":"https://github.com/advisories/GHSA-9hjg-9r4m-mvj7","reference_id":"GHSA-9hjg-9r4m-mvj7","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9hjg-9r4m-mvj7"},{"reference_url":"https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7","reference_id":"GHSA-9hjg-9r4m-mvj7","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T18:39:03Z/"}],"url":"https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7"},{"reference_url":"https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env","reference_id":"#requests.Session.trust_env","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T18:39:03Z/"}],"url":"https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12519","reference_id":"RHSA-2025:12519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13234","reference_id":"RHSA-2025:13234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13604","reference_id":"RHSA-2025:13604","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13604"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14750","reference_id":"RHSA-2025:14750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14999","reference_id":"RHSA-2025:14999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15121","reference_id":"RHSA-2025:15121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15122","reference_id":"RHSA-2025:15122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15614","reference_id":"RHSA-2025:15614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15615","reference_id":"RHSA-2025:15615","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15615"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15616","reference_id":"RHSA-2025:15616","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15616"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15617","reference_id":"RHSA-2025:15617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15618","reference_id":"RHSA-2025:15618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15622","reference_id":"RHSA-2025:15622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15691","reference_id":"RHSA-2025:15691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15723","reference_id":"RHSA-2025:15723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4215","reference_id":"RHSA-2026:4215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4215"},{"reference_url":"https://usn.ubuntu.com/7568-1/","reference_id":"USN-7568-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7568-1/"},{"reference_url":"https://usn.ubuntu.com/7762-1/","reference_id":"USN-7762-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7762-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/378584?format=json","purl":"pkg:pypi/requests@2.32.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-x2yb-atfa-g7bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.32.4"}],"aliases":["CVE-2024-47081","GHSA-9hjg-9r4m-mvj7"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x3gy-57jw-37at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177050?format=json","vulnerability_id":"VCID-x417-9kdn-eqaq","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"http://bugs.python.org/issue17980","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue17980"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2099","reference_id":"","reference_type":"","scores":[{"value":"0.02979","scoring_system":"epss","scoring_elements":"0.86821","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2099"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066","reference_id":"709066","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067","reference_id":"709067","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068","reference_id":"709068","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069","reference_id":"709069","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070","reference_id":"709070","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=963260","reference_id":"963260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=963260"},{"reference_url":"https://security.gentoo.org/glsa/201401-04","reference_id":"GLSA-201401-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1263","reference_id":"RHSA-2014:1263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1690","reference_id":"RHSA-2014:1690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0042","reference_id":"RHSA-2015:0042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1166","reference_id":"RHSA-2016:1166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1166"},{"reference_url":"https://usn.ubuntu.com/1983-1/","reference_id":"USN-1983-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1983-1/"},{"reference_url":"https://usn.ubuntu.com/1984-1/","reference_id":"USN-1984-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1984-1/"},{"reference_url":"https://usn.ubuntu.com/1985-1/","reference_id":"USN-1985-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1985-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47013?format=json","purl":"pkg:pypi/requests@1.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g7ep-y2e5-vyhq"},{"vulnerability":"VCID-pq31-8a2c-ffg4"},{"vulnerability":"VCID-qfhw-gynq-7qbz"},{"vulnerability":"VCID-qgc6-u7zq-v3b9"},{"vulnerability":"VCID-x2yb-atfa-g7bh"},{"vulnerability":"VCID-x3gy-57jw-37at"},{"vulnerability":"VCID-y5wz-xsdb-1fg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@1.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/47014?format=json","purl":"pkg:pypi/requests@1.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g7ep-y2e5-vyhq"},{"vulnerability":"VCID-pq31-8a2c-ffg4"},{"vulnerability":"VCID-qfhw-gynq-7qbz"},{"vulnerability":"VCID-qgc6-u7zq-v3b9"},{"vulnerability":"VCID-x2yb-atfa-g7bh"},{"vulnerability":"VCID-x3gy-57jw-37at"},{"vulnerability":"VCID-y5wz-xsdb-1fg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@1.1.0"}],"aliases":["CVE-2013-2099"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x417-9kdn-eqaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111130?format=json","vulnerability_id":"VCID-y5wz-xsdb-1fg6","summary":"security update","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0409.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://advisories.mageia.org/MGASA-2014-0409.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00095.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00095.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1830.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1830.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1830","reference_id":"","reference_type":"","scores":[{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64758","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1830"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1830"},{"reference_url":"https://github.com/advisories/GHSA-652x-xj99-gmcc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-652x-xj99-gmcc"},{"reference_url":"https://github.com/kennethreitz/requests/issues/1885","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/kennethreitz/requests/issues/1885"},{"reference_url":"https://github.com/psf/requests","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/psf/requests"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2014-14.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/requests/PYSEC-2014-14.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-1830","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-1830"},{"reference_url":"https://web.archive.org/web/20150523055216/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:133/?name=MDVSA-2015:133","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523055216/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:133/?name=MDVSA-2015:133"},{"reference_url":"http://www.debian.org/security/2015/dsa-3146","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3146"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:133","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:133"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144907","reference_id":"1144907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144907"},{"reference_url":"https://usn.ubuntu.com/2382-1/","reference_id":"USN-2382-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2382-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47023?format=json","purl":"pkg:pypi/requests@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-g7ep-y2e5-vyhq"},{"vulnerability":"VCID-pq31-8a2c-ffg4"},{"vulnerability":"VCID-qgc6-u7zq-v3b9"},{"vulnerability":"VCID-wpkr-axk7-93d8"},{"vulnerability":"VCID-x2yb-atfa-g7bh"},{"vulnerability":"VCID-x3gy-57jw-37at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@2.3.0"}],"aliases":["CVE-2014-1830","GHSA-652x-xj99-gmcc","PYSEC-2014-14"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5wz-xsdb-1fg6"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/requests@0.7.6"}