5.3
CVSS V3
Status
Justification
Impact
CVE-2024-47081 is patched via py3-pip/fix-CVE-2024-47081.patch. The scanner detects requests 2.32.3 in vendor.txt, but the actual vulnerability (using ri.netloc instead of ri.hostname) has been fixed. The patched code uses ri.hostname for netrc lookups, preventing credential leakage.
Status