CVE-2015-2296 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.8 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:P/I:P/A:P
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 73%

Vendor	Product	Version
mageia_project	mageia	4.0
python	requests	2.1.0
python	requests	2.2.1
python	requests	2.3.0
python	requests	2.4.0
python	requests	2.4.1
python	requests	2.4.2
python	requests	2.4.3
python	requests	2.5.0
python	requests	2.5.1
python	requests	2.5.2
python	requests	2.5.3
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	14.10

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

requests

bullseye	2.25.1+dfsg-2 fixed
wheezy	not-affected
bookworm	2.28.1+dfsg-1 fixed
sid	2.32.3+dfsg-1 fixed
trixie	2.32.3+dfsg-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

requests

utopic	Fixed 2.3.0-1ubuntu0.1 released
trusty	Fixed 2.2.1-1ubuntu0.2 released
precise	not-affected
lucid	dne

References

http://advisories.mageia.org/MGASA-2015-0120.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html

http://www.mandriva.com/security/advisories?name=MDVSA-2015:133

http://www.openwall.com/lists/oss-security/2015/03/14/4

http://www.openwall.com/lists/oss-security/2015/03/15/1

http://www.ubuntu.com/usn/USN-2531-1

https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc

https://warehouse.python.org/project/requests/2.6.0/

http://advisories.mageia.org/MGASA-2015-0120.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html

http://www.mandriva.com/security/advisories?name=MDVSA-2015:133

http://www.openwall.com/lists/oss-security/2015/03/14/4

http://www.openwall.com/lists/oss-security/2015/03/15/1

http://www.ubuntu.com/usn/USN-2531-1

https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc

https://warehouse.python.org/project/requests/2.6.0/