Search for packages
| purl | pkg:deb/debian/requests@2.32.3%2Bdfsg-5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-8k1j-7dnf-c7c9 |
CVE-2023-32681
GHSA-j8r2-6x86-q33q PYSEC-2023-74 |
|
| VCID-9cnc-crya-jyes | Requests `Session` object does not verify requests after making first request with verify=False When making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same origin will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. ### Remediation Any of these options can be used to remediate the current issue, we highly recommend upgrading as the preferred mitigation. * Upgrade to `requests>=2.32.0`. * For `requests<2.32.0`, avoid setting `verify=False` for the first request to a host while using a Requests Session. * For `requests<2.32.0`, call `close()` on `Session` objects to clear existing connections if `verify=False` is used. ### Related Links * https://github.com/psf/requests/pull/6655 |
CVE-2024-35195
GHSA-9wx4-h78v-vm56 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-01T15:21:50.223315+00:00 | Debian Importer | Fixing | VCID-8k1j-7dnf-c7c9 | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-07-01T15:09:17.429317+00:00 | Debian Importer | Fixing | VCID-9cnc-crya-jyes | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |