{"vulnerability": "GHSA-9HJG-9R4M-MVJ7", "sightings": [{"uuid": "3d0a29ef-3c4c-44d3-90be-5a5d566b4a21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-9hjg-9r4m-mvj7", "type": "seen", "source": "https://gist.github.com/Token-Eater/a4d1d6ce67e8450e1a8f456b468e3599", "content": "", "creation_timestamp": "2025-11-05T11:48:09.000000Z"}, {"uuid": "9e9ca9be-5cb4-4cbb-b716-804441770c33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-9hjg-9r4m-mvj7", "type": "seen", "source": "https://gist.github.com/Token-Eater/3d3edb1aabe326b71377581a9ce3b805", "content": "", "creation_timestamp": "2025-11-05T11:55:10.000000Z"}, {"uuid": "7b6df33e-b8cc-4ce8-aa17-d03caac1b5b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-9HJG-9R4M-MVJ7", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17750", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47081\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.\n\ud83d\udccf Published: 2025-06-09T17:57:47.731Z\n\ud83d\udccf Modified: 2025-06-09T18:40:40.996Z\n\ud83d\udd17 References:\n1. https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7\n2. https://github.com/psf/requests/pull/6965\n3. https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\n4. https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env\n5. https://seclists.org/fulldisclosure/2025/Jun/2", "creation_timestamp": "2025-06-09T19:48:12.000000Z"}]}