by @Smartkeyss
23 Feb 2024

CVE-2023-43804 (Urllib3 Vulnerability)

CVEs

8.1 High Severity

Apps

Urllib3 (Python)
1.26.17.*
1.25.11.*
*.*
1.25.10.*
1.25.4.*
1.25.5.*
1.25.8.*
1.25.9.*
1.25.6.*
1.26.6.*

Summary

CVE-2023-43804 (CVSS 5.9) is classified as a medium-risk vulnerability discovered in the Python library urllib3, an HTTP client library that manages HTTP requests. The vulnerability arises from cookie information being exposed during redirects, because urllib3 was not originally designed to handle such sensitive data.
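
The redirect policy that prevents this kind of exposure, as an added example that is not urllib3's own code and not from the original post: credential headers are dropped whenever a redirect leaves the original origin. The function names, header set, hostnames and cookie value are assumptions constructed for illustration.

```python
from urllib.parse import urljoin, urlsplit

# Headers that carry credentials and should not follow a redirect to another origin
# (illustrative set chosen for this example).
SENSITIVE_HEADERS = frozenset({"cookie", "authorization", "proxy-authorization"})
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """Return (scheme, host, port), filling in the scheme's default port."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port or DEFAULT_PORTS.get(scheme)
    return scheme, host, port


def headers_for_redirect(headers, from_url, location):
    """Headers to send when following a redirect from from_url to location.

    location may be relative, so it is resolved against from_url first.
    Same origin: headers pass through unchanged.
    Different scheme, host or port: credential headers are dropped, matched
    case-insensitively because HTTP header names are case-insensitive.
    """
    to_url = urljoin(from_url, location)
    if origin(from_url) == origin(to_url):
        return dict(headers)
    return {k: v for k, v in headers.items() if k.lower() not in SENSITIVE_HEADERS}


# Constructed sample request: the caller set a Cookie header by hand.
REQUEST_HEADERS = {"User-Agent": "example-client", "cookie": "session=constructed-value"}

if __name__ == "__main__":
    start = "https://app.example/login"
    for location in ("/home", "https://other.example/landing", "http://app.example/home"):
        sent = headers_for_redirect(REQUEST_HEADERS, start, location)
        print(location, "->", sorted(sent))
```

In urllib3 itself, the headers stripped on a cross-host redirect are controlled by the `remove_headers_on_redirect` parameter of `urllib3.util.Retry`.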

Description