Search for packages
Package details: pkg:deb/debian/requests@2.4.3-6
purl pkg:deb/debian/requests@2.4.3-6
Next non-vulnerable version 2.32.3+dfsg-5
Latest non-vulnerable version 2.32.3+dfsg-5
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-3nqp-s5gu-aaae
Aliases:
CVE-2023-32681
GHSA-j8r2-6x86-q33q
PYSEC-2023-74
Unintended leak of Proxy-Authorization header in requests
2.25.1+dfsg-2
Affected by 2 other vulnerabilities.
2.31.0+dfsg-1
Affected by 0 other vulnerabilities.
2.31.0+dfsg-2
Affected by 0 other vulnerabilities.
2.32.3+dfsg-1
Affected by 0 other vulnerabilities.
2.32.3+dfsg-4
Affected by 0 other vulnerabilities.
2.32.3+dfsg-5
Affected by 0 other vulnerabilities.
VCID-c4ud-sqr9-aaae
Aliases:
CVE-2018-18074
GHSA-x84v-xcm2-53pg
PYSEC-2018-28
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
2.21.0-1~bpo9+1
Affected by 0 other vulnerabilities.
2.21.0-1
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-ck1f-qh2d-aaab The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. CVE-2015-2296
GHSA-pg2w-x9wp-vw92
PYSEC-2015-17
VCID-kvms-7ss9-aaap Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request. CVE-2014-1829
GHSA-cfj3-7x9c-4p3h
PYSEC-2014-13
VCID-kx6u-xprg-aaar Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request. CVE-2014-1830
GHSA-652x-xj99-gmcc
PYSEC-2014-14

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T17:53:05.596391+00:00 Debian Oval Importer Affected by VCID-c4ud-sqr9-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:11:01.724861+00:00 Debian Oval Importer Fixing VCID-ck1f-qh2d-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T11:58:18.274522+00:00 Debian Oval Importer Fixing VCID-kx6u-xprg-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T11:36:50.665319+00:00 Debian Oval Importer Affected by VCID-3nqp-s5gu-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T11:24:17.451399+00:00 Debian Oval Importer Fixing VCID-kvms-7ss9-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T08:26:33.927270+00:00 Debian Oval Importer Affected by VCID-3nqp-s5gu-aaae None 36.1.3
2025-06-21T00:55:07.843514+00:00 Debian Oval Importer Fixing VCID-kx6u-xprg-aaar None 36.1.3
2025-06-20T22:24:06.796504+00:00 Debian Oval Importer Fixing VCID-ck1f-qh2d-aaab None 36.1.3
2025-06-20T20:16:35.453414+00:00 Debian Oval Importer Affected by VCID-c4ud-sqr9-aaae None 36.1.3
2025-06-20T19:48:50.439409+00:00 Debian Oval Importer Fixing VCID-kvms-7ss9-aaap None 36.1.3
2025-06-08T13:16:13.648029+00:00 Debian Oval Importer Fixing VCID-ck1f-qh2d-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:24:53.124724+00:00 Debian Oval Importer Affected by VCID-c4ud-sqr9-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:04:45.243049+00:00 Debian Oval Importer Fixing VCID-ck1f-qh2d-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:08:37.738737+00:00 Debian Oval Importer Fixing VCID-kx6u-xprg-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T04:54:41.835039+00:00 Debian Oval Importer Affected by VCID-3nqp-s5gu-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T04:46:34.756055+00:00 Debian Oval Importer Fixing VCID-kvms-7ss9-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T02:07:53.477912+00:00 Debian Oval Importer Affected by VCID-3nqp-s5gu-aaae None 36.1.0
2025-06-07T18:17:29.201233+00:00 Debian Oval Importer Fixing VCID-kx6u-xprg-aaar None 36.1.0
2025-06-07T15:48:20.682397+00:00 Debian Oval Importer Fixing VCID-ck1f-qh2d-aaab None 36.1.0
2025-06-07T13:56:19.996064+00:00 Debian Oval Importer Affected by VCID-c4ud-sqr9-aaae None 36.1.0
2025-06-07T13:40:57.779509+00:00 Debian Oval Importer Fixing VCID-kvms-7ss9-aaap None 36.1.0
2025-04-12T22:35:03.582533+00:00 Debian Oval Importer Affected by VCID-c4ud-sqr9-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:19:52.827931+00:00 Debian Oval Importer Fixing VCID-kvms-7ss9-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:33:54.734694+00:00 Debian Oval Importer Fixing VCID-kx6u-xprg-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:04:11.022304+00:00 Debian Oval Importer Fixing VCID-ck1f-qh2d-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:06:01.038634+00:00 Debian Oval Importer Affected by VCID-c4ud-sqr9-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:36:50.677819+00:00 Debian Oval Importer Fixing VCID-ck1f-qh2d-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:39:35.426873+00:00 Debian Oval Importer Fixing VCID-kx6u-xprg-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:25:53.139257+00:00 Debian Oval Importer Affected by VCID-3nqp-s5gu-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:17:37.874510+00:00 Debian Oval Importer Fixing VCID-kvms-7ss9-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T00:39:49.039648+00:00 Debian Oval Importer Affected by VCID-3nqp-s5gu-aaae None 36.0.0
2025-04-07T16:55:00.382241+00:00 Debian Oval Importer Fixing VCID-kx6u-xprg-aaar None 36.0.0
2025-04-07T14:19:07.550852+00:00 Debian Oval Importer Fixing VCID-ck1f-qh2d-aaab None 36.0.0
2025-04-07T12:31:01.601073+00:00 Debian Oval Importer Affected by VCID-c4ud-sqr9-aaae None 36.0.0
2025-04-07T12:16:17.233694+00:00 Debian Oval Importer Fixing VCID-kvms-7ss9-aaap None 36.0.0