Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.2.1-1ubuntu0.1", "binary_name": "python-requests" }, { "binary_version": "2.2.1-1ubuntu0.1", "binary_name": "python3-requests" } ] }