CVE-2023-26159 | follow-redirects up to 1.15.3 url.parse hostname input validation (Issue 235)

Posted by Angelo Barbosa | Jan 2, 2024 | CVE

A vulnerability has been found in follow-redirects up to 1.15.3 and classified as critical. This vulnerability affects the function url.parse. The manipulation of the argument hostname leads to improper input validation.

This vulnerability was named CVE-2023-26159. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-26159 | follow-redirects up to 1.15.3 url.parse hostname input validation (Issue 235)

Related Posts

CVE-2021-47116 | Linux Kernel up to 5.10.42/5.12.9 ext4 ext4_mb_init_backend memory leak (2050c6e5b161/04fb2baa0b14/a8867f4e3809)

CVE-2024-2654 | File Manager Plugin up to 7.2.5 on WordPress path traversal

CVE-2024-28075 | SolarWinds Access Rights Manager up to 2023.2.3 Service deserialization

CVE-2023-46147 | Themify Ultra Plugin up to 7.3.5 on WordPress deserialization