🔐 Security Vulnerabilities Detected by CybeDefend
1 occurrence(s) of Requests vulnerable to .netrc credentials leak via malicious URLs detected.
Highest Severity: 🟡 MEDIUM
Description
Impact
Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs.
Workarounds
For older versions of Requests, use of the .netrc file can be disabled with trust_env=False on your Requests Session (docs).
References
psf/requests#6965
https://seclists.org/fulldisclosure/2025/Jun/2
Affected Locations
requests@>=0.0.0
- Unknown line - 🟡 MEDIUM - View
This issue was automatically created by CybeDefend
🔐 Security Vulnerabilities Detected by CybeDefend
1 occurrence(s) of Requests vulnerable to .netrc credentials leak via malicious URLs detected.
Highest Severity: 🟡 MEDIUM
Description
Impact
Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs.
Workarounds
For older versions of Requests, use of the .netrc file can be disabled with
trust_env=Falseon your Requests Session (docs).References
psf/requests#6965
https://seclists.org/fulldisclosure/2025/Jun/2
Affected Locations
requests@>=0.0.0This issue was automatically created by CybeDefend