Debian LTS python-urllib3 Serious Information Leak Resolution DLA-4651-1
It was discovered that python-urllib3, an HTTP library with thread-safe connection pooling for Python, did not strip out sensitive headers (such as `Authorization` or `Cookie`) during cross-origin redirects followed from the low-level API, which could lead to information disclosure or authorization bypass.LinuxSecurity – Security AdvisoriesRead More