The War Room

1 readers

1 users here now

Community for various OSINT news and subject matter for open discussion or dissemination elsewhere

founded 1 year ago

MODERATORS

[email protected]

New Python URL Parsing Flaw Enables Command Injection Attacks (thehackernews.com)

submitted 1 year ago by [email protected] to c/[email protected]

0 comments fedilink hide all child comments

New Python URL Parsing Flaw Enables Command Injection Attacks

A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain or protocol filtering methods implemented with a blocklist, ultimately resulting in arbitrary file reads and command execution. "urlparse has a parsing problem when the entire URL starts with blank characters," the CERT Coordination Center (CERT/CC) said in a Friday

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here