Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-2296

A flaw was found in the way python-requests set the domain cookie parameter for certain HTTP responses. A remote attacker could use this flaw to modify a cookie to be sent to an arbitrary URL.

Source

ALAS-2015-541

Amazon Linux AMI Security Advisory: ALAS-2015-541
Advisory Release Date: 2015-06-11 08:08 Pacific
Advisory Updated Date: 2015-06-11 08:09 Pacific

Severity: Medium

References: CVE-2015-2296

Issue Overview:

A flaw was found in the way python-requests set the domain cookie parameter for certain HTTP responses. A remote attacker could use this flaw to modify a cookie to be sent to an arbitrary URL.

Affected Packages:

python-pip

Issue Correction:
Run yum update python-pip to update your system.

New Packages:

noarch:
    python26-pip-6.1.1-1.20.amzn1.noarch
    python27-pip-6.1.1-1.20.amzn1.noarch
    python34-pip-6.1.1-1.20.amzn1.noarch

src:
    python-pip-6.1.1-1.20.amzn1.src

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2015-541

ALAS-2015-541

Vulmon Search

About

Products

Connect