Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)
Details
CVSS v3
5.6
NVD published
2024-05-20 21:15:09
EPSS
<0.1% probability · 13.3th percentile — 2026-03-16
Affected versions
Not available in our cache.
Summary
Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. This vulnerability is fixed in 2.32.0.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.