https://www.oracle.com/security-alerts/cpujul2022.html [No Types Assigned]

OR
     *cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.html Mailing List, Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2035 No Types Assigned

https://access.redhat.com/errata/RHSA-2019:2035 Third Party Advisory

OR
     *cpe:2.3:a:python-requests:requests:*:*:*:*:*:*:*:* versions from (excluding) 2.20.0

OR
     *cpe:2.3:a:python:requests:*:*:*:*:*:*:*:* versions from (excluding) 2.20.0

CWE-255
CWE-200

CWE-522

https://access.redhat.com/errata/RHSA-2019:2035 [No Types Assigned]

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00024.html [No Types Assigned]

OR
     *cpe:2.3:a:python-requests:requests:*:*:*:*:*:*:*:* versions up to (excluding) 2.20.0

OR
     *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
     *cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-255

http://docs.python-requests.org/en/master/community/updates/#release-and-version-history No Types Assigned

http://docs.python-requests.org/en/master/community/updates/#release-and-version-history Release Notes, Third Party Advisory

https://bugs.debian.org/910766 No Types Assigned

https://bugs.debian.org/910766 Exploit, Issue Tracking, Patch, Third Party Advisory

https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff No Types Assigned

https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff Patch, Third Party Advisory

https://github.com/requests/requests/issues/4716 No Types Assigned

https://github.com/requests/requests/issues/4716 Exploit, Patch, Third Party Advisory

https://github.com/requests/requests/pull/4718 No Types Assigned

https://github.com/requests/requests/pull/4718 Patch, Third Party Advisory

https://usn.ubuntu.com/3790-1/ No Types Assigned

https://usn.ubuntu.com/3790-1/ Third Party Advisory

https://usn.ubuntu.com/3790-2/ No Types Assigned

https://usn.ubuntu.com/3790-2/ Third Party Advisory

https://usn.ubuntu.com/3790-2/ [No Types Assigned]

The Requests package through 2.19.1 before 2018-09-14 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.

The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.

http://docs.python-requests.org/en/master/community/updates/#release-and-version-history [No Types Assigned]

https://usn.ubuntu.com/3790-1/ [No Types Assigned]

https://bugs.debian.org/910766 [No Types Assigned]