
CVE-2024-35195: Medium Severity Vulnerability in Requests Library

A medium-severity vulnerability exists in the Requests library prior to version 2.32.0, affecting certificate verification during HTTP requests. Immediate remediation is advisable to mitigate associated risks.

MEDIUM · CVSS 5.6 · Published May 20, 2024


This vulnerability causes a Requests Session to keep certificate verification disabled for a host once a request to that host has been made with `verify=False`, even if later requests on the same connection set `verify=True`, leading to potential security risks.

The vulnerability has a CVSS score of 5.6, classifying it as medium severity. This means that it poses a moderate risk to organizations, particularly where sensitive data is sent over HTTPS connections whose server certificate is never verified.

Risk to organizations includes potential exposure to man-in-the-middle attacks and unauthorized access to sensitive information.

Currently, there is no public exploit confirmed for this vulnerability, but organizations should remain vigilant.

Organizations should address this vulnerability in their priority patch cycle.

Vulnerability Details

Requests is an HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. This vulnerability is fixed in 2.32.0.

The CVSS score is assessed at 5.6, indicating a medium severity level. This score reflects factors such as the attack vector being local, the attack complexity being high, and that it requires high privileges and user interaction.

The affected product is the Requests library, specifically versions prior to 2.32.0. The vulnerability was published on May 20, 2024.

Technical Analysis

The root cause of this vulnerability stems from the handling of certificate verification settings within the Requests library. When a user disables certificate verification for the first request to a host, the library fails to re-enable it for subsequent requests to that host, so a pooled connection that was opened without verification is reused for requests that asked for it.

The attack vector for this vulnerability is local, meaning that an attacker would need to have access to the local environment where the Requests library is being used. The complexity of the attack is high, requiring specific conditions to be met for exploitation.

This vulnerability requires high privileges and user interaction to initiate the exploit. If successful, the impact on confidentiality and integrity is high, while the availability impact is none.

Risk & Impact Analysis

This vulnerability poses a significant risk to organizations using the Requests library for HTTP communications, particularly when handling sensitive data. Because verification stays disabled for a pooled connection once the verification flag has been turned off, later requests that expect a verified connection could be intercepted, leading to unauthorized access and data breaches.

Organizations should prioritize patching immediately to mitigate the potential for exploitation. The blast radius for this vulnerability could be extensive, depending on the number of applications utilizing the affected library.

The urgency for remediation is underscored by the CVSS score and the potential exposure to significant threats.

Exploitation Status

Signal               Status
Known Exploit        No
Public PoC           No
Actively Exploited   No
Ransomware Use       No

Affected Versions

All versions prior to vendor patch 2.32.0 are affected by this vulnerability.

Mitigation & Remediation

Organizations should upgrade to Requests version 2.32.0 or later to mitigate this vulnerability.

If immediate upgrading is not possible, consider hardening configuration so that certificate verification is never disabled (`verify=False`), especially on a Session whose connections are reused for other requests to the same host.

Additionally, organizations may want to conduct an application security assessment to identify vulnerabilities in their systems.

Detection Guidance

Review code and logs for requests made with `verify=False`, particularly the first request a Session makes to a host, since later requests on the same pooled connection inherit that setting. Look for behavioral anomalies that might suggest an unauthorized access attempt.
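As a practical check for the hardening and detection advice above, here is an added example (not from this advisory or from the Requests project) that audits Python source for request calls passing `verify=False` and compares an installed Requests version string against the 2.32.0 fix; the list of method names and the sample module it scans are constructed for the example.

```python
import ast
from typing import List, Tuple

# Methods on requests / requests.Session that accept a verify= argument (assumed list).
REQUEST_METHODS = {"get", "post", "put", "patch", "delete", "head", "options", "request", "send"}
FIXED_VERSION = (2, 32, 0)  # first version containing the fix, per the advisory


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '2.31.0' into (2, 31, 0); keeps only the leading digits of each component."""
    parts = []
    for component in v.split("."):
        digits = ""
        for ch in component:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_affected(version: str) -> bool:
    """True when the given Requests version predates the 2.32.0 fix."""
    return parse_version(version) < FIXED_VERSION


def find_verify_false(source: str) -> List[Tuple[int, str]]:
    """Return (line, method) for every request-style call that passes verify=False."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        name = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", None)
        if name not in REQUEST_METHODS:
            continue
        for kw in node.keywords:
            if kw.arg == "verify" and isinstance(kw.value, ast.Constant) and kw.value.value is False:
                findings.append((node.lineno, name))
    return findings


# Constructed sample module: one Session shared between an unverified and a verified call.
SAMPLE = '''
import requests
s = requests.Session()
s.get("https://internal.example/health", verify=False)   # first call disables verification
s.get("https://internal.example/api", verify=True)       # still unverified on < 2.32.0
requests.get("https://example.com", verify="/etc/ssl/ca.pem")
'''

if __name__ == "__main__":
    for line, method in find_verify_false(SAMPLE):
        print(f"line {line}: {method}(..., verify=False)")
    print("affected:", is_affected("2.31.0"))
```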

AppSecure Threat Intelligence Insight

This vulnerability underscores the critical importance of secure coding practices in libraries that are widely used in development.

Security teams should remain vigilant and conduct regular audits to ensure that all dependencies are kept up-to-date and secure.

For enhanced protection, organizations should implement penetration testing as part of their security strategy.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
