SUSE-SU-2023:4352-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 02 Nov 2023, 16:53
Last modified:04 Feb 2026, 02:25
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
02 Nov 2023, 16:53
Published
Vulnerability first disclosed
04 Feb 2026, 02:25
Last Modified
Vulnerability information updated
Description
Security update for python-urllib3 This update for python-urllib3 fixes the following issues: - CVE-2023-45803: Fix a request body leak that could occur when receiving a 303 HTTP response (bsc#1216377). - CVE-2018-25091: Fixed a potential leak of the Authorization header during a cross-origin redirect (bsc#1216275). - CVE-2023-43804: Fixed a potential cookie leak via HTTP redirect if the user manually set the corresponding header (bsc#1215968).
Affected Systems
- suse•python-urllib3&distro=SUSE OpenStack Cloud 9
< 1.23-3.25.1
- suse•python-urllib3&distro=SUSE OpenStack Cloud Crowbar 9
< 1.23-3.25.1
References (7)
- https://www.suse.com/support/update/announcement/2023/suse-su-20234352-1/
- https://bugzilla.suse.com/1215968
- https://bugzilla.suse.com/1216275
- https://bugzilla.suse.com/1216377
- https://www.suse.com/security/cve/CVE-2018-25091
- https://www.suse.com/security/cve/CVE-2023-43804
- https://www.suse.com/security/cve/CVE-2023-45803