Removal of e-Tugra root certificate High
#3 opened February 1, 2024 21:30 • Detected in certifi (pip) • components/mbedtls/mbedtls/docs/requirements.txt
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter Moderate
#6 opened February 1, 2024 21:30 • Detected in jinja2 (pip) • components/mbedtls/mbedtls/docs/requirements.txt
urllib3's request body not stripped after redirect from 303 status changes request method to GET Moderate
#5 opened February 1, 2024 21:30 • Detected in urllib3 (pip) • components/mbedtls/mbedtls/docs/requirements.txt
Cookie HTTP header isn't stripped on cross-origin redirects Moderate
#4 opened February 1, 2024 21:30 • Detected in urllib3 (pip) • components/mbedtls/mbedtls/docs/requirements.txt
Pygments vulnerable to ReDoS Moderate
#2 opened February 1, 2024 21:30 • Detected in Pygments (pip) • components/mbedtls/mbedtls/docs/requirements.txt
Unintended leak of Proxy-Authorization header in requests Moderate
#1 opened February 1, 2024 21:30 • Detected in requests (pip) • components/mbedtls/mbedtls/docs/requirements.txt
Removal of e-Tugra root certificate High #3 opened February 1, 2024 21:30 • Detected in certifi (pip) • components/mbedtls/mbedtls/docs/requirements.txt
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter Moderate #6 opened February 1, 2024 21:30 • Detected in jinja2 (pip) • components/mbedtls/mbedtls/docs/requirements.txt
urllib3's request body not stripped after redirect from 303 status changes request method to GET Moderate #5 opened February 1, 2024 21:30 • Detected in urllib3 (pip) • components/mbedtls/mbedtls/docs/requirements.txt
Cookie
HTTP header isn't stripped on cross-origin redirects Moderate #4 opened February 1, 2024 21:30 • Detected in urllib3 (pip) • components/mbedtls/mbedtls/docs/requirements.txtPygments vulnerable to ReDoS Moderate #2 opened February 1, 2024 21:30 • Detected in Pygments (pip) • components/mbedtls/mbedtls/docs/requirements.txt
Unintended leak of Proxy-Authorization header in requests Moderate #1 opened February 1, 2024 21:30 • Detected in requests (pip) • components/mbedtls/mbedtls/docs/requirements.txt