USN-3790-1: Requests vulnerability
It was discovered that Requests incorrectly handled certain HTTP headers. An attacker could possibly use this issue to access sensitive information.
CVEs contained in this USN include: CVE-2018-18074
Severity is medium unless otherwise noted.
- Pivotal Operations Manager is vulnerable in the following releases:
- 2.3.x versions prior to 2.3.3
- 2.2.x versions prior to 2.2.8
- 2.1.x versions prior to 2.1.17
Users of affected versions should apply the following mitigation:
- Releases that have fixed this issue include:
- Pivotal Operations Manager: 2.3.3, 2.2.8, 2.1.17