requests@1.0.3 vulnerabilities
Python HTTP for Humans.
-
latest version
2.31.0
-
latest non vulnerable version
-
first published
13 years ago
-
latest version published
a year ago
-
licenses detected
- [1.0.0,)
Direct Vulnerabilities
Known vulnerabilities in the requests package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
Requests is a Non-GMO HTTP library for Python Affected versions of this package are vulnerable to Information Exposure. Upon receiving a same-hostname https-to-http redirect, it sends the HTTP Authorization header to an http URI. This makes it easier for remote attackers to discover credentials by sniffing the network. How to fix Information Exposure? Upgrade |
[,2.20)
|
Affected versions of this package are vulnerable to Information Disclosure attacks. Remote servers may obtain sensitive information by reading the How to fix Information Exposure? Upgrade to version |
[,2.3.0)
|
Affected versions of this package are vulnerable to Information Exposure. Remote servers may obtain a netrc password by reading the Authorization header in a redirected request. How to fix Information Exposure? Upgrade to version |
[,2.3.0)
|
Affected versions of this package are vulnerable to Denial of Service attacks.
Algorithmic complexity vulnerability in the How to fix Denial of Service (DoS)? Upgrade to version |
[,1.1.0)
|
Affected versions of this package are vulnerable to Denial of Service (DoS) attacks. When sending a digest with an incorrect password, it will retry the request for infinity. An attacker can send many of these requests, causing a denial of service. |
[,1.2.3]
|