CVE-2023-24329 Information

Description

An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

Reference

https://pointernull.com/security/python-url-parse-problem.html https://pointernull.com/security/python-url-parse-problem.html https://github.com/python/cpython/pull/99421 An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.