Industrial Firms Advised Not to Ignore Security Risks Posed by URL Parsing Confusion

Jan

2022

Industrial Firms Advised Not to Ignore Security Risks Posed by URL Parsing Confusion

image credit: pexels

Different libraries can parse the same URL in different ways and these inconsistencies can lead to unexpected behavior that could be abused by malicious actors.

Researchers from Claroty and Snyk have analyzed 16 URL parsing libraries, including urllib, urllib3, rfc3986, httptools (all written in Python), libcurl (cURL), Wget (Chrome), Uri (.NET), URL (Java), URI (Java), parse_url (PHP), url and url-parse (NodeJS), net/url (Go), uri (Ruby) and URI (Perl).

Written by Securityweek

0 Comments

Comments are closed.

Archives

Archives

About Us

Our mission is to help users and also IT security passionate to reach relevant information related to cyber security.

This publication contains a lot of information and guidance on how to better protect your IT systems, data and activities from malicious factors, and also on how to safely navigate the Internet.

We look forward to hearing from you about cyber safety. Please let us know if there’s something specific you’re interested in learning about.

Contact Us

Name *
Your name is required

E-mail *
Email address entered is invalid

Please enter a message

Incorrect security code

The Latest in IT Security

Industrial Firms Advised Not to Ignore Security Risks Posed by URL Parsing Confusion

Categories

Featured

Archives

Latest Comments

About Us

Contact Us