The Latest in IT Security

Industrial Firms Advised Not to Ignore Security Risks Posed by URL Parsing Confusion

11 Jan 2022

Different libraries can parse the same URL in different ways, and these inconsistencies can lead to unexpected behavior that could be abused by malicious actors.

Researchers from Claroty and Snyk have analyzed 16 URL parsing libraries, including urllib, urllib3, rfc3986, httptools (all written in Python), libcurl (cURL), Wget (Chrome), Uri (.NET), URL (Java), URI (Java), parse_url (PHP), url and url-parse (NodeJS), net/url (Go), uri (Ruby) and URI (Perl).
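As an added illustration (not code from the researchers or from this article), the sketch below compares the host reported by Python's urllib, one of the libraries listed above, with the host reported by a second parser, and rejects any URL on which the two disagree. The lenient parser, the function names, the allow-list and the sample URLs are assumptions constructed for the example.

```python
import re
from urllib.parse import urlsplit

# Hypothetical lenient parser written for this example: like some forgiving
# parsers, it treats backslashes as slashes and accepts any number of
# slashes after the scheme. IPv6 literals are out of scope.
_LENIENT = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*):[/\\]*([^/\\?#]*)")


def strict_host(url):
    """Host according to Python's urllib.parse."""
    try:
        return urlsplit(url).hostname
    except ValueError:
        return None


def lenient_host(url):
    """Host according to the hypothetical lenient parser."""
    match = _LENIENT.match(url.strip())
    if not match:
        return None
    hostport = match.group(2).rpartition("@")[2]
    return hostport.split(":", 1)[0].lower() or None


def check_url(url, allowed_hosts):
    """Accept only when both parsers see the same, allow-listed host."""
    strict, lenient = strict_host(url), lenient_host(url)
    if strict is None or strict != lenient:
        return "reject", f"ambiguous host: strict={strict!r} lenient={lenient!r}"
    if strict not in allowed_hosts:
        return "reject", f"host {strict!r} is not allow-listed"
    return "accept", strict


# Constructed sample inputs (not taken from the research).
SAMPLES = [
    "https://plc.example.com/status",
    "https://PLC.example.com:8443/status",
    "https:///plc.example.com/status",
    "https:\\\\plc.example.com\\status",
    "https://other.example.net/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample!r:45} -> {check_url(sample, {'plc.example.com'})}")
```

Rejecting on disagreement means a URL is only acted on when every component that will later handle it would resolve it to the same host.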
