CVE-2023-24329

Published: Feb 17, 2023

Modified: Nov 3, 2025

PUBLISHED

Description

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://pointernull.com/security/python-url-parse-problem.html

https://github.com/python/cpython/pull/99421

https://security.netapp.com/advisory/ntap-20230324-0004/

FEDORA-2023-b3a3df39dd

vendor-advisory

FEDORA-2023-406c1c6ed7

vendor-advisory

FEDORA-2023-1092538441

vendor-advisory

FEDORA-2023-63c69aa712

vendor-advisory

FEDORA-2023-96aa33f0d3

vendor-advisory

FEDORA-2023-953c2607d8

vendor-advisory

FEDORA-2023-2b25dd2a11

vendor-advisory

FEDORA-2023-994ecd7dbc

vendor-advisory

FEDORA-2023-690e150a39

vendor-advisory

FEDORA-2023-81bb8e3b99

vendor-advisory

FEDORA-2023-d8b0003ecd

vendor-advisory

FEDORA-2023-56cefa23df

vendor-advisory

https://github.com/python/cpython/issues/102153

FEDORA-2023-31888c4781

vendor-advisory

FEDORA-2023-acdfd145f2

vendor-advisory

FEDORA-2023-03599274db

vendor-advisory

FEDORA-2023-b854908745

vendor-advisory

FEDORA-2023-d294ef140e

vendor-advisory

FEDORA-2023-309cadedc6

vendor-advisory

FEDORA-2023-401947eb94

vendor-advisory

FEDORA-2023-f52390b9d2

vendor-advisory

FEDORA-2023-dd526ed2e4

vendor-advisory

VU#127587

third-party-advisory

[debian-lts-announce] 20230920 [SECURITY] [DLA 3575-1] python2.7 security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-24329

Description

Affected Products

References