CVE-2019-9636 (Python) urlsplit does not handle NFKC normalization

Preface: Python is used quite a lot in robotics. Apply artificial intelligence to robots using Python .

Why choose Python?
Less Code: Python can implement the same logic with as much as 1/5th code as compared to other OOPs languages.

Prebuilt Libraries: include Numpy for scientific computation, Scipy for advanced computing and Pybrain for machine learning.

Vulnerability detail – announce on 6th Mar 2019:
A vulnerability in the the urllib.parse.urlsplit and urllib.parse.urlparse components of Python could allow an unauthenticated, remote attacker to obtain sensitive information from a targeted system.

Official announcement: https://bugs.python.org/issue36216

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.