Requests (aka python-requests) prior to 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 7.0 |
||
python requests |
||
canonical ubuntu linux 14.04 |
||
mageia mageia 4.0 |