Ubuntu 25.04: pip Critical Security Flaws Vulnerability USN-7762-1

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in pip. Software Description: - python-pip: Python package installer Details: Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information. This update addresses the issue in the Requests module bundled into pip in Ubuntu 22.04 LTS. (CVE-2023-32681) It was discovered that urllib3 didn't strip HTTP body on status code 303 redirects under certain circumstances. A remote attacker could possibly use this issue to obtain sensitive information. This update addresses the issue in the urllib3 module bundled into pip in Ubuntu 24.04 LTS. (CVE-2023-45803) Guido Vranken discovered that idna did not properly manage certain inputs, which could lead to significant resource consumption. An attacker c...