Search for packages
| purl | pkg:deb/debian/requests@2.11.1-1 |
| Next non-vulnerable version | 2.32.3+dfsg-5 |
| Latest non-vulnerable version | 2.32.3+dfsg-5 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3nqp-s5gu-aaae
Aliases: CVE-2023-32681 GHSA-j8r2-6x86-q33q PYSEC-2023-74 |
Unintended leak of Proxy-Authorization header in requests |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-c4ud-sqr9-aaae
Aliases: CVE-2018-18074 GHSA-x84v-xcm2-53pg PYSEC-2018-28 |
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. |
Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T17:53:05.600519+00:00 | Debian Oval Importer | Affected by | VCID-c4ud-sqr9-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T11:36:50.669583+00:00 | Debian Oval Importer | Affected by | VCID-3nqp-s5gu-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T08:26:33.931555+00:00 | Debian Oval Importer | Affected by | VCID-3nqp-s5gu-aaae | None | 36.1.3 |
| 2025-06-20T20:16:35.456533+00:00 | Debian Oval Importer | Affected by | VCID-c4ud-sqr9-aaae | None | 36.1.3 |
| 2025-06-08T10:24:53.127741+00:00 | Debian Oval Importer | Affected by | VCID-c4ud-sqr9-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:54:41.838646+00:00 | Debian Oval Importer | Affected by | VCID-3nqp-s5gu-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T02:07:53.481790+00:00 | Debian Oval Importer | Affected by | VCID-3nqp-s5gu-aaae | None | 36.1.0 |
| 2025-06-07T13:56:19.999391+00:00 | Debian Oval Importer | Affected by | VCID-c4ud-sqr9-aaae | None | 36.1.0 |
| 2025-04-12T22:35:03.592588+00:00 | Debian Oval Importer | Affected by | VCID-c4ud-sqr9-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:06:01.048603+00:00 | Debian Oval Importer | Affected by | VCID-c4ud-sqr9-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:25:53.149642+00:00 | Debian Oval Importer | Affected by | VCID-3nqp-s5gu-aaae | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T00:39:49.050505+00:00 | Debian Oval Importer | Affected by | VCID-3nqp-s5gu-aaae | None | 36.0.0 |
| 2025-04-07T12:31:01.616534+00:00 | Debian Oval Importer | Affected by | VCID-c4ud-sqr9-aaae | None | 36.0.0 |