CVE-2025-0938 | Python up to 3.14.0a3 URL Parser urllib.parse.urlsplit/urlparse input validation (Issue 105704)

Posted by Angelo Barbosa | Jan 31, 2025 | CVE

A vulnerability was found in Python up to 3.14.0a3. It has been classified as problematic. This affects the function urllib.parse.urlsplit/urlparse of the component URL Parser. The manipulation leads to improper input validation.

This vulnerability is uniquely identified as CVE-2025-0938. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-0938 | Python up to 3.14.0a3 URL Parser urllib.parse.urlsplit/urlparse input validation (Issue 105704)

Related Posts

CVE-2024-4280 | White Label CMS Plugin up to 2.7.3 on WordPress Setting authorization

CVE-2024-31366 | Themify Post Type Builder Plugin up to 2.0.8 on WordPress authorization

CVE-2023-6879 | libaom up to 3.7.0 Multi-Thread av1_loop_restoration_dealloc heap-based overflow

CVE-2025-23022 | FreeType 2.8.1 cff/cf2intrp.c cf2_doFlex integer overflow (Issue 1312)