requests@2.1.0 vulnerabilities

Python HTTP for Humans.

Direct Vulnerabilities

Known vulnerabilities in the requests package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • C
Information Exposure

Requests is a Non-GMO HTTP library for Python

Affected versions of this package are vulnerable to Information Exposure. Upon receiving a same-hostname https-to-http redirect, it sends the HTTP Authorization header to an http URI. This makes it easier for remote attackers to discover credentials by sniffing the network.

How to fix Information Exposure?

Upgrade requests to version 2.20 or higher.

Vulnerable versions: [,2.20)
  • M
Session Fixation

requests is Python HTTP for Humans.

The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.

Vulnerable versions: [2.1.0,2.6.0)
  • M
Information Exposure

requests is Python HTTP for Humans.

Affected versions of this package are vulnerable to Information Disclosure attacks. Remote servers may obtain sensitive information by reading the Proxy-Authorization header in a redirected request.

How to fix Information Exposure?

Upgrade to version 2.3.0 or greater.

Vulnerable versions: [,2.3.0)
  • M
Information Exposure

requests is Python HTTP for Humans.

Affected versions of this package are vulnerable to Information Exposure. Remote servers may obtain a netrc password by reading the Authorization header in a redirected request.

How to fix Information Exposure?

Upgrade to version 2.3.0 or greater.

Vulnerable versions: [,2.3.0)