August 13, 2023
A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain or protocol filtering methods implemented with a blocklist, ultimately resulting in arbitrary file reads and command execution.
“urlparse has a parsing problem when the entire URL starts with blank characters,” the CERT Coordination Center (CERT/CC) said in a Friday
“urlparse has a parsing problem when the entire URL starts with blank characters,” the CERT Coordination Center (CERT/CC) said in a Friday
Article posted by: https://thehackernews.com/2023/08/new-python-url-parsing-flaw-enables.html
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com
