{ads}

New Python URL Parsing Flaw Enables Command Injection Attacks

Written By Friday, 11 August 2023 Add Comment



August 12, 2023 at 11:33AM

A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain or protocol filtering methods implemented with a blocklist, ultimately resulting in arbitrary file reads and command execution. "urlparse has a parsing problem when the entire URL starts with blank characters," the CERT Coordination Center (CERT/CC) said in a Friday

from The Hacker News https://ift.tt/LDnaVRr

0 Response to "New Python URL Parsing Flaw Enables Command Injection Attacks"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads