Login
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in python3.11-urllib3
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in python3.11-urllib3
ID: RHSA-2025:0078
Distribution: Red Hat
Plattformen: Red Hat Enterprise Linux AppStream EUS (v.8.8)
Datum: Do, 9. Januar 2025, 16:19
Referenzen: https://access.redhat.com/errata/RHSA-2025:0078
https://access.redhat.com/security/cve/CVE-2023-45803
https://bugzilla.redhat.com/show_bug.cgi?id=2246840
Applikationen: python-urllib3

Originalnachricht

An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux
8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Python is an interpreted, interactive, object-oriented programming language,
which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

* urllib3: Request body not stripped after redirect from 303 status changes
request method to GET (CVE-2023-45803)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2023-45803: Exposure of Sensitive Information to an Unauthorized Actor
(CWE-200)
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung