[CVE-2015-2104] Urlparse insufficient validation leads to open redirect #67693
Description
| BPO | 23505 |
|---|---|
| Nosy | @orsenthil, @pitrou, @vstinner, @tiran, @benjaminp, @vadmium, @PaulMcMillan, @ztane, @epicfaace |
| Dependencies |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
assignee = None
closed_at = None
created_at = <Date 2015-02-24.00:11:53.909>
labels = ['type-security', '3.7', 'library']
title = '[CVE-2015-2104] Urlparse insufficient validation leads to open redirect'
updated_at = <Date 2019-10-24.10:32:56.296>
user = 'https://bugs.python.org/yaaboukir'bugs.python.org fields:
activity = <Date 2019-10-24.10:32:56.296>
actor = 'vstinner'
assignee = 'none'
closed = False
closed_date = None
closer = None
components = ['Library (Lib)']
creation = <Date 2015-02-24.00:11:53.909>
creator = 'yaaboukir'
dependencies = ['22852']
files = []
hgrepos = []
issue_num = 23505
keywords = []
message_count = 22.0
messages = ['236470', '236471', '236472', '237088', '237090', '237093', '237096', '237097', '237106', '237149', '237164', '237200', '237411', '237412', '240191', '240207', '240237', '277328', '277342', '277350', '277354', '322676']
nosy_count = 12.0
nosy_names = ['orsenthil', 'pitrou', 'vstinner', 'christian.heimes', 'benjamin.peterson', 'python-dev', 'martin.panter', 'PaulMcMillan', 'ztane', 'soilandreyes', 'yaaboukir', 'epicfaace']
pr_nums = []
priority = 'normal'
resolution = None
stage = None
status = 'open'
superseder = None
type = 'security'
url = 'https://bugs.python.org/issue23505'
versions = ['Python 2.7', 'Python 3.5', 'Python 3.6', 'Python 3.7']Linked PRs
- gh-67693: Fix urlunparse() and urlunsplit() for URIs with path starting with multiple slashes and no authority #113563
- [3.13] gh-67693: Fix urlunparse() and urlunsplit() for URIs with path starting with multiple slashes and no authority (GH-113563) #119023
- [3.12] gh-67693: Fix urlunparse() and urlunsplit() for URIs with path starting with multiple slashes and no authority (GH-113563) #119024
- [3.11] gh-67693: Fix urlunparse() and urlunsplit() for URIs with path starting with multiple slashes and no authority (GH-113563) #119025
- [3.10] gh-67693: Fix urlunparse() and urlunsplit() for URIs with path starting with multiple slashes and no authority (GH-113563) #119026
- [3.9] gh-67693: Fix urlunparse() and urlunsplit() for URIs with path starting with multiple slashes and no authority (GH-113563) #119027
- [3.8] gh-67693: Fix urlunparse() and urlunsplit() for URIs with path starting with multiple slashes and no authority (GH-113563) #119028