RedHat python-requests CVE-2018-18074 Information Disclosure Vulnerability
Description
The python-requests package contains a library designed to make HTTP requests easy for developers. Security Fix(es): * python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
Affected Applications
python-requests