Posts Tagged: requests
-
CVE-2024-XXXXX: SSRF Vulnerability in Requests 2.31.0 and Mitigation Strategies
CVE-2024-XXXXX in requests 2.31.0 enables SSRF via malformed URLs. Mitigation: upgrade to 2.32+, lock dependencies with uv or pip-tools, audit with pip-audit or Safety.
-
Detecting Malicious PyPI Packages: Typosquatting Attacks on requests, urllib3, and pillow
Detect typosquatting PyPI packages mimicking requests, urllib3, and pillow by their warning signs: low downloads, suspicious uploaders, few versions. A Python supply-chain security script queries the PyPI API/stats and flags risks. Prevent supply-chain attacks with actionable audit steps and CI integration.