CVE-2024-35195
ADVISORY - githubSummary
When using a requests.Session, if the first request to a given origin is made with verify=False, TLS certificate verification may remain disabled for all subsequent requests to that origin, even if verify=True is explicitly specified later.
This occurs because the underlying connection is reused from the session's connection pool, causing the initial TLS verification setting to persist for the lifetime of the pooled connection. As a result, applications may unintentionally send requests without certificate verification, leading to potential man-in-the-middle attacks and compromised confidentiality or integrity.
This behavior affects versions of requests prior to 2.32.0.
EPSS Score: 0.00044 (0.136)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Always-Incorrect Control Flow Implementation
ADVISORY - github
Always-Incorrect Control Flow Implementation
ADVISORY - gitlab
ADVISORY - redhat
Always-Incorrect Control Flow Implementation
NIST
CREATED
UPDATED
ADVISORY IDCVE-2024-35195
EXPLOITABILITY SCORE
0.3
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.6mediumGitHub
CREATED
UPDATED
ADVISORY IDGHSA-9wx4-h78v-vm56
EXPLOITABILITY SCORE
0.3
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.6mediumAlpine
CREATED
UPDATED
ADVISORY IDCVE-2024-35195
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Debian
CREATED
UPDATED
ADVISORY IDCVE-2024-35195
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2024-35195
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAlma
CREATED
UPDATED
ADVISORY IDALSA-2025:0012
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAlma
CREATED
UPDATED
ADVISORY IDALSA-2025:7049
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2-2024-2654
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2-2024-2715
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2-2025-2846
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2-2025-2868
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2023-2024-732
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2023-2024-780
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2023-2024-781
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2023-2024-782
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumAmazon
CREATED
UPDATED
ADVISORY IDALAS2023-2025-957
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2024-35195
EXPLOITABILITY SCORE
0.3
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.6mediumRocky
CREATED
UPDATED
ADVISORY IDRLSA-2025:0012
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowRocky
CREATED
UPDATED
ADVISORY IDRLSA-2025:7049
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowOracle
CREATED
UPDATED
ADVISORY IDELSA-2025-0012
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumOracle
CREATED
UPDATED
ADVISORY IDELSA-2025-7049
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumChainguard
CREATED
UPDATED
ADVISORY ID
CGA-26vv-f9rg-3gr8
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-2qh2-jp77-wp2x
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-32qh-xq5g-9xq4
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-3723-3r7v-38p2
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-432x-3phh-56c7
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-4354-v6cq-3f5f
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-4xx2-v3vc-q5x8
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-5g3x-7m89-wx8r
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-6rf6-59qq-87jc
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-6v4c-f9mw-8ghc
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-74xp-46xv-7q3v
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-77h5-pgh2-r2fg
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-8296-pxcv-4w67
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-8mx8-8v5r-99xg
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-fff7-969w-wcq5
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-gffw-5x3v-mjw8
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-h732-75mv-vfrp
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-hf9v-fwg4-2jvw
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-hhrg-5mf5-r2p5
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-jcgc-jpw2-xpqq
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-p79x-5pxg-f77m
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-phrh-j36c-pqjq
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-rrq3-6489-25cv
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-v263-vf6g-w8hh
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-v542-whj6-7mj4
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-vq3j-qcvx-h7px
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-whqq-jwxh-vf92
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-x395-8f45-7j43
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Photon
CREATED
UPDATED
ADVISORY ID
CVE-2024-35195
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-