Authentication Bypass

Affecting urllib3 package, versions [,1.23)

Overview

urllib3 is an HTTP library with thread-safe connection pooling, file post, and more.

Affected versions of this package are vulnerable to Authentication Bypass. They did not remove the Authorization HTTP header when following a cross-origin redirect, so a redirect to a different host, scheme or port re-sent the original credentials to the new target. This can allow credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext (for example, when an https:// request is redirected to an http:// URL).
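The following is an added illustration of the behaviour this advisory describes, written for this page rather than taken from urllib3: a small redirect policy that drops the Authorization header whenever the redirect target is on a different origin (scheme, host or port) and keeps it for same-origin redirects, which is the post-1.23 behaviour. The function names, the DEFAULT_PORTS table and the sample URLs are assumptions made for the example; a client that follows redirects itself can use the same check before re-sending a request.

```python
"""Decide whether an Authorization header may follow an HTTP redirect.

Added example for this advisory, not urllib3's own code. It models the
fixed behaviour: credentials are stripped on cross-origin redirects.
Function names and the sample URLs below are chosen for the example.
"""
from urllib.parse import urljoin, urlsplit

# Default ports per scheme, so "https://example.com" and
# "https://example.com:443" compare as the same origin.
DEFAULT_PORTS = {"http": 80, "https": 443}

# Credential-bearing headers that must not leak to a different origin.
# The advisory concerns Authorization; the tuple is kept so a client can
# add other credential headers it sends.
SENSITIVE_HEADERS = ("authorization",)


def origin(url):
    """Return the (scheme, host, port) triple that identifies an origin."""
    parts = urlsplit(url)
    scheme = (parts.scheme or "").lower()
    host = (parts.hostname or "").lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return scheme, host, port


def is_cross_origin(original_url, location):
    """True when a redirect target lies on a different origin.

    `location` may be relative, as in a raw Location header; it is
    resolved against the original URL first, as a client would do.
    """
    target = urljoin(original_url, location)
    return origin(original_url) != origin(target)


def headers_for_redirect(original_url, location, headers):
    """Build the header set to send when following a redirect.

    Credential-bearing headers are dropped when the redirect crosses an
    origin boundary and kept otherwise. Header names are compared
    case-insensitively, so "authorization" and "Authorization" both match.
    """
    if not is_cross_origin(original_url, location):
        return dict(headers)
    return {k: v for k, v in headers.items() if k.lower() not in SENSITIVE_HEADERS}


if __name__ == "__main__":
    # Constructed sample request: a bearer token sent to api.example.com.
    req_headers = {"Authorization": "Bearer example-token", "Accept": "application/json"}
    # Same-origin redirect (relative Location header): the token stays.
    print(headers_for_redirect("https://api.example.com/v1", "/v2", req_headers))
    # Cross-origin redirect (different host, and https -> http): the token
    # is removed before the second request is sent.
    print(headers_for_redirect("https://api.example.com/v1", "http://other.example.net/", req_headers))
```

The check treats a change of scheme as cross-origin on purpose: that is the https-to-http downgrade case in which the header would otherwise travel in cleartext.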

Remediation

Upgrade urllib3 to version 1.23 or higher.


CVSS Score

5.9 (medium severity)
  • Attack Vector
    Network
  • Attack Complexity
    High
  • Privileges Required
    None
  • User Interaction
    None
  • Scope
    Unchanged
  • Confidentiality
    High
  • Integrity
    None
  • Availability
    None
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Credit: Unknown
CVE: CVE-2018-20060
CWE: CWE-288
Snyk ID: SNYK-PYTHON-URLLIB3-72681
Disclosed: 11 Dec, 2018
Published: 12 Dec, 2018