It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information.
Continue reading...
Continue reading...
Ubuntu Security Update USN-7084-1: urllib3 vulnerability
- Thread starter LinuxBot
- Start date
