All errata/sisyphus/ALT-PU-2015-2855-1
ALT-PU-2015-2855-1

Package update python-module-requests in branch sisyphus

Version2.6.0-alt1.git20150316
Task#142040
Published2015-03-19
Max severityMEDIUM
Severity:

Closed issues (2)

CVE-2015-2296
MEDIUM6.8

The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.

Published: 2015-03-18Modified: 2025-04-12
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
References
GHSA-pg2w-x9wp-vw92
NONE

Python Requests Session Fixation

Published: 2022-05-13Modified: 2024-10-22
References