Computer Security
[EN] securityvulns.ru no-pyccku


python requests library session fixation
Published:18.03.2015
Source:
SecurityVulns ID:14330
Type:library
Threat Level:
5/10
Description:Invalid cookies processing in redirects.
Affected:PYTHON : python-requests 2.3
CVE:CVE-2015-2296 (The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.)
Original documentdocumentUBUNTU, [USN-2531-1] Requests vulnerability (18.03.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod