{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-47081", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-09-17T17:42:37.030Z", "datePublished": "2025-06-09T17:57:47.731Z", "dateUpdated": "2025-06-09T18:40:40.996Z"}, "containers": {"cna": {"title": "Requests vulnerable to .netrc credentials leak via malicious URLs", "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "lang": "en", "description": "CWE-522: Insufficiently Protected Credentials", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7"}, {"name": "https://github.com/psf/requests/pull/6965", "tags": ["x_refsource_MISC"], "url": "https://github.com/psf/requests/pull/6965"}, {"name": "https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef", "tags": ["x_refsource_MISC"], "url": "https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef"}, {"name": "https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env", "tags": ["x_refsource_MISC"], "url": "https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env"}, {"name": "https://seclists.org/fulldisclosure/2025/Jun/2", "tags": ["x_refsource_MISC"], "url": "https://seclists.org/fulldisclosure/2025/Jun/2"}], "affected": [{"vendor": "psf", "product": "requests", "versions": [{"version": "< 2.32.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-06-09T17:57:47.731Z"}, "descriptions": [{"lang": "en", "value": "Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session."}], "source": {"advisory": "GHSA-9hjg-9r4m-mvj7", "discovery": "UNKNOWN"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jun/2"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/03/9"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/03/11"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/04/1"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/04/6"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-06-09T18:04:45.705Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-09T18:39:03.849116Z", "id": "CVE-2024-47081", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-09T18:40:40.996Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-47081", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-09-17T17:42:37.030Z", "datePublished": "2025-06-09T17:57:47.731Z", "dateUpdated": "2025-06-09T18:40:40.996Z"}, "containers": {"cna": {"title": "Requests vulnerable to .netrc credentials leak via malicious URLs", "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "lang": "en", "description": "CWE-522: Insufficiently Protected Credentials", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7"}, {"name": "https://github.com/psf/requests/pull/6965", "tags": ["x_refsource_MISC"], "url": "https://github.com/psf/requests/pull/6965"}, {"name": "https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef", "tags": ["x_refsource_MISC"], "url": "https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef"}, {"name": "https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env", "tags": ["x_refsource_MISC"], "url": "https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env"}, {"name": "https://seclists.org/fulldisclosure/2025/Jun/2", "tags": ["x_refsource_MISC"], "url": "https://seclists.org/fulldisclosure/2025/Jun/2"}], "affected": [{"vendor": "psf", "product": "requests", "versions": [{"version": "< 2.32.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-06-09T17:57:47.731Z"}, "descriptions": [{"lang": "en", "value": "Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session."}], "source": {"advisory": "GHSA-9hjg-9r4m-mvj7", "discovery": "UNKNOWN"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jun/2"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/03/9"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/03/11"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/04/1"}, {"url": "http://www.openwall.com/lists/oss-security/2025/06/04/6"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-06-09T18:04:45.705Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-47081", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-09T18:39:03.849116Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-09T18:39:45.731Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session."}, {"lang": "es", "value": "Requests es una librer\u00eda HTTP. Debido a un problema de an\u00e1lisis de URL, las versiones de Requests anteriores a la 2.32.4 pueden filtrar credenciales .netrc a terceros para URL espec\u00edficas manipuladas con fines maliciosos. Los usuarios deben actualizar a la versi\u00f3n 2.32.4 para obtener una soluci\u00f3n. En versiones anteriores de Requests, el uso del archivo .netrc se puede desactivar con `trust_env=False` en la sesi\u00f3n de Requests."}], "id": "CVE-2024-47081", "lastModified": "2025-06-12T16:06:47.857", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-06-09T18:15:24.983", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef"}, {"source": "security-advisories@github.com", "url": "https://github.com/psf/requests/pull/6965"}, {"source": "security-advisories@github.com", "url": "https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7"}, {"source": "security-advisories@github.com", "url": "https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env"}, {"source": "security-advisories@github.com", "url": "https://seclists.org/fulldisclosure/2025/Jun/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jun/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2025/06/03/11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2025/06/03/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2025/06/04/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2025/06/04/6"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "requests: Requests vulnerable to .netrc credentials leak via malicious URLs", "id": "2371272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2371272"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-522", "details": ["Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.", "A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-47081", "package_state": [{"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Out of support scope", "package_name": "rhai/assisted-installer-agent-rhel9", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform 2"}, {"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Out of support scope", "package_name": "rhai/assisted-installer-controller-rhel9", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform 2"}, {"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Out of support scope", "package_name": "rhai/assisted-installer-rhel9", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform 2"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Fix deferred", "package_name": "openshift-builds/openshift-builds-shared-resource-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Fix deferred", "package_name": "openshift-builds/openshift-builds-shared-resource-webhook-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:confidential_compute_attestation:1", "fix_state": "Fix deferred", "package_name": "confidential-compute-attestation-tech-preview/trustee-rhel9", "product_name": "Confidential Compute Attestation"}, {"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2", "fix_state": "Fix deferred", "package_name": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle", "product_name": "Custom Metric Autoscaler operator for Red Hat Openshift"}, {"cpe": "cpe:/a:redhat:multiarch_tuning_operator", "fix_state": "Fix deferred", "package_name": "multiarch-tuning/multiarch-tuning-rhel9-operator", "product_name": "Multiarch Tuning Operator"}, {"cpe": "cpe:/a:redhat:network_observ_optr:1", "fix_state": "Will not fix", "package_name": "network-observability/network-observability-cli-rhel9", "product_name": "Network Observability Operator"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-istio-controller-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-cni-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-must-gather-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-pilot-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-proxyv2-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-rhel9-operator", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-sail-operator-bundle", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/kiali-ossmc-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/kiali-rhel9-operator", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Fix deferred", "package_name": "rhaiis/vllm-cuda-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Fix deferred", "package_name": "rhaiis/vllm-rocm-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:quarkus:3", "fix_state": "Fix deferred", "package_name": "mandrel-for-jdk-21-rhel8", "product_name": "Red Hat build of Quarkus Native builder"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Fix deferred", "package_name": "rhdh/rhdh-hub-rhel9", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Will not fix", "package_name": "rhdh/rhdh-rhel9-operator", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:discovery:1", "fix_state": "Fix deferred", "package_name": "discovery/discovery-server-rhel9", "product_name": "Red Hat Discovery 1"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "python-requests", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "python-pip", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "python-requests", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "resource-agents", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "fence-agents", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.11-pip", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.12-pip", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python39:3.9/python3x-pip", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "python39:3.9/python-requests", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python-pip", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "python-requests", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "resource-agents", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "rhel9/memcached", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:offline_knowledge_portal:1", "fix_state": "Fix deferred", "package_name": "offline-knowledge-portal/rhokp-rhel9", "product_name": "Red Hat Offline Knowledge Portal"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-dashboard-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-feast-operator-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-feature-server-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-kf-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-ml-pipelines-runtime-generic-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-modelmesh-runtime-adapter-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-model-registry-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-trustyai-service-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Fix deferred", "package_name": "python-requests", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "python-requests", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "satellite-capsule:el8/python-requests", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "satellite/iop-advisor-engine-rhel9", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:rhui:4::el8", "fix_state": "Fix deferred", "package_name": "python-requests", "product_name": "Red Hat Update Infrastructure 4 for Cloud Providers"}], "public_date": "2025-06-09T17:57:47Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-47081\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-47081\nhttp://seclists.org/fulldisclosure/2025/Jun/2\nhttp://www.openwall.com/lists/oss-security/2025/06/03/11\nhttp://www.openwall.com/lists/oss-security/2025/06/03/9\nhttp://www.openwall.com/lists/oss-security/2025/06/04/1\nhttp://www.openwall.com/lists/oss-security/2025/06/04/6\nhttps://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\nhttps://github.com/psf/requests/pull/6965\nhttps://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7\nhttps://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env\nhttps://seclists.org/fulldisclosure/2025/Jun/2"], "threat_severity": "Moderate"}