CVE-2018-20060
Public on 2018-12-11
Modified on 2020-07-01
Description
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
Severity
Medium
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | python-urllib3 | 2019-06-11 | ALAS-2019-1224 | Fixed |
| Amazon Linux 2 - Core | python-urllib3 | 2019-05-16 | ALAS2-2019-1211 | Fixed |
| Amazon Linux 2 - Core | python-urllib3 | 2020-06-26 | ALAS2-2020-1446 | Fixed |
| Amazon Linux 2 - Core | python-virtualenv | 2020-04-20 | ALAS2-2020-1413 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 5.3 | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N |
| NVD | CVSSv2 | 5.0 | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| NVD | CVSSv3 | 9.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |