VulnerableCode Package Details - pkg:pypi/requests@2.32.4

Search for packages

Package details: pkg:pypi/requests@2.32.4

Essentials
History (2)

purl	pkg:pypi/requests@2.32.4

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-c9yw-g7v4-mkeh	Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.	CVE-2024-47081 GHSA-9hjg-9r4m-mvj7

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-09T22:37:46.725681+00:00	GHSA Importer	Fixing	VCID-c9yw-g7v4-mkeh	https://github.com/advisories/GHSA-9hjg-9r4m-mvj7	36.1.0
2025-06-09T20:18:29.094070+00:00	GithubOSV Importer	Fixing	VCID-c9yw-g7v4-mkeh	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/06/GHSA-9hjg-9r4m-mvj7/GHSA-9hjg-9r4m-mvj7.json	36.1.0