Skip to main content

Httpie

4 CVEs product

Monthly

CVE-2023-48052 PyPI HIGH PATCH This Week

Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Httpie
NVD
CVSS 3.1
7.4
EPSS
0.3%
CVE-2022-0430 PyPI MEDIUM POC PATCH This Month

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Httpie
NVD GitHub
CVSS 3.1
5.3
EPSS
1.3%
CVE-2022-24737 PyPI MEDIUM POC PATCH This Month

HTTPie is a command-line HTTP client. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Httpie Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
1.6%
CVE-2019-10751 PyPI HIGH POC PATCH This Week

All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Httpie
NVD GitHub
CVSS 3.0
8.8
EPSS
2.0%
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Httpie
NVD
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Httpie
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

HTTPie is a command-line HTTP client. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Httpie Fedora
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Httpie
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy