CVE-2023-26159 | follow-redirects up to 1.15.3 url.parse hostname input validation (Issue 235)

Posted by Angelo Barbosa | Jan 2, 2024 | CVE

A vulnerability has been found in follow-redirects up to 1.15.3 and classified as critical. This vulnerability affects the function url.parse. The manipulation of the argument hostname leads to improper input validation.

This vulnerability was named CVE-2023-26159. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-26159 | follow-redirects up to 1.15.3 url.parse hostname input validation (Issue 235)

Related Posts

CVE-2024-8375 | Google Deepmind Reverb RPC Endpoint deserialization

CVE-2023-40550 | rhboot shim verify_buffer_sbat out-of-bounds

CVE-2024-33002 | SAP S4 HANA Document Service Handler for DPS cross site scripting

CVE-2024-42440 | Zoom Workplace Desktop App/Meeting SDK up to 6.0.x untrusted search path