[issue42967] [CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator
Matej Cepl
report at bugs.python.org
Fri Feb 26 13:05:18 EST 2021
Matej Cepl <mcepl at cepl.eu> added the comment:
Port of the patch to 2.7.18.
----------
Added file: https://bugs.python.org/file49839/CVE-2021-23336-only-amp-as-query-sep.patch
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue42967>
_______________________________________
More information about the Python-bugs-list
mailing list