Close Menu

    CVE-2024-47081 – Requests .netrc Credential Leakage Vulnerability

    CVE ID : CVE-2024-47081

    Published : June 9, 2025, 6:15 p.m. | 2 hours, 12 minutes ago

    Description : Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one’s Requests Session.

    Severity: 5.3 | MEDIUM

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Related Posts

    Leave A Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.