CVE-2018-18074 — Insufficiently Protected Credentials in Requests
Severity
7.5HIGHNVD
EPSS
0.2%
top 52.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 9
Latest updateNov 29
Description
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6
Affected Packages7 packages
Also affects: Ubuntu Linux 14.04, 16.04, 18.04, 18.10
Patches
🔴Vulnerability Details
4📋Vendor Advisories
4Red Hat
▶
Debian▶
CVE-2018-18074: requests - The Requests package before 2.20.0 for Python sends an HTTP Authorization header...↗2018
💬Community
10Bugzilla▶
CVE-2018-18074 python-pip-epel: python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [epel-7]↗2019-11-29
Bugzilla▶
CVE-2018-18074 python3-virtualenv: python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [epel-7]↗2019-11-29
Bugzilla▶
CVE-2018-18074 python-virtualenv: python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [fedora-30]↗2019-11-29
Bugzilla▶
CVE-2018-18074 python3-requests: python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [epel-6]↗2019-11-29
Bugzilla▶
CVE-2018-18074 python-pip: python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [epel-6]↗2019-11-29