python-urllib3-1.24.2-10.el8_10
エラータID: AXSA:2026-1235:03
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers (CVE-2026-44431)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2026-44431
urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.
Update packages.
urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.
N/A
SRPMS
- python-urllib3-1.24.2-10.el8_10.src.rpm
MD5: 9f875548020757c9cc92879c423a8982
SHA-256: 24725519ccd30ce140d09777ea0e2aba77df7c84ecebf5a00946ddd632da1b1e
Size: 246.65 kB
Asianux Server 8 for x86_64
- python3-urllib3-1.24.2-10.el8_10.noarch.rpm
MD5: d3d21d0b4dd6dcfc23fdabfce56b8f74
SHA-256: 68229cbb2696a893d0e5d0e9bb5dcb64b06e73090952816507a0e82e87d4c57d
Size: 180.29 kB