CVE-2018-18074

moderate-risk

Published 2018-10-09

The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.

Do I need to act?

0.18% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (9)

Requests

Ubuntu Linux

Leap

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Workstation

Affected Vendors

Redhat Python Canonical Opensuse

References (20)

Release Notes http://docs.python-requests.org/en/master/community/updates/#release-and-version...

Mailing List http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.html

Third Party Advisory https://access.redhat.com/errata/RHSA-2019:2035

Exploit https://bugs.debian.org/910766

Patch https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e...

Exploit https://github.com/requests/requests/issues/4716

Patch https://github.com/requests/requests/pull/4718

Third Party Advisory https://usn.ubuntu.com/3790-1/

Third Party Advisory https://usn.ubuntu.com/3790-2/

https://www.oracle.com/security-alerts/cpujul2022.html