CVE Report: requests version in teamRouter
leuf-soptim opened this issue · 1 comments
We have received a CVE-Report alarm in teamRouter-main: Requests library neeeds to be updated to 2.32.0+ to fix the vulnerability.
Description from CVE-Report:
Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verify. This behavior will continue for the lifecycle of the connection in the connection pool. This vulnerability is fixed in 2.32.0.
Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 7 days it will automatically be closed.