python-requests-2.20.0-6.el8_10
エラータID: AXSA:2025-10703:04
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* requests: Requests vulnerable to .netrc credentials leak via malicious URLs (CVE-2024-47081)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-47081
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.
Update packages.
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.
N/A
SRPMS
- python-requests-2.20.0-6.el8_10.src.rpm
MD5: a5c25f4f99d1c9eb17cda7d7ef90b122
SHA-256: cd7b4418a503cd6cf3f446f953b3638659967bd67330b953da418e5d9d32e5a0
Size: 2.96 MB
Asianux Server 8 for x86_64
- python3-requests-2.20.0-6.el8_10.noarch.rpm
MD5: 347fd6fad11ebb84dcaf98c31faea2ee
SHA-256: 862ed61342ec4a8936484cb7ad33479dd79756405f05714e94f74e5c398d64c6
Size: 125.23 kB
日本語