RedHat python-requests CVE-2018-18074 Information Disclosure Vulnerability

description-logoDescription

The python-requests package contains a library designed to make HTTP requests easy for developers. Security Fix(es): * python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

affected-products-logoAffected Applications

python-requests

CVE References

CVE-2018-18074