CVE-2015-2296 vulnerability in Python and Other Products
Published on March 18, 2015

The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.<a href="http://cwe.mitre.org/data/definitions/384.html">CWE-384: Session Fixation</a>

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2015-2296

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2015-2296 are published in these products:

Python Requests

Canonical Ubuntu Linux

Mageiaproject Mageia

Exploit Probability

EPSS

1.14%

Percentile

78.18%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2015-2296 vulnerability in Python and Other ProductsPublished on March 18, 2015

Products Associated with CVE-2015-2296

Exploit Probability

CVE-2015-2296 vulnerability in Python and Other Products
Published on March 18, 2015