René's URL Explorer Experiment


Title: Issue 32085: [Security] A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages! - Python tracker

Mail addresses
admin@orange.tw
admin@orange.tw

direct link

Domain: bugs.python.org

Nonetext/html; charset=utf-8

Links:

https://bugs.python.org/
Python Homehttps://www.python.org/
Abouthttps://www.python.org/about/
Newshttps://www.python.org/blogs/
Documentationhttps://www.python.org/doc/
Downloadshttps://www.python.org/downloads/
Communityhttps://www.python.org/community/
Foundationhttps://www.python.org/psf/
Developer's Guidehttps://devguide.python.org/
Issue Trackerhttps://bugs.python.org/
Searchhttps://bugs.python.org/issue?@template=search&status=1
Random Issuehttps://bugs.python.org/issue?@action=random
Issues with patchhttps://bugs.python.org/issue?status=1&@sort=-activity&@columns=id%2Cgithub%2Cactivity%2Ctitle%2Ccreator%2Cstatus&@dispname=Issues%20with%20patch&@startwith=0&@group=priority&keywords=2&@action=search&@filter=&@pagesize=50
Easy issueshttps://bugs.python.org/issue?status=1&@sort=-activity&@columns=id%2Cgithub%2Cactivity%2Ctitle%2Ccreator%2Cstatus&@dispname=Easy%20issues&@startwith=0&@group=priority&keywords=6&@action=search&@filter=&@pagesize=50
Statshttps://bugs.python.org/issue?@template=stats
Lost your login?https://bugs.python.org/user?@template=forgotten
User Listhttps://bugs.python.org/user?@sort=username
Committer Listhttps://bugs.python.org/user?iscommitter=1&@action=search&@sort=username&@pagesize=300
Tracker Documentationhttp://docs.python.org/devguide/triaging.html
Tracker Developmenthttp://wiki.python.org/moin/TrackerDevelopment
Report Tracker Problemhttps://github.com/python/psf-infra-meta/issues
https://github.com/python/cpython/issues
GitHubhttps://github.com/python/cpython/issues
see the GitHub FAQs in the Python's Developer Guide.https://devguide.python.org/gh-faq/
This issue has been migrated to GitHub: https://github.com/python/cpython/issues/76266 https://github.com/python/cpython/issues/76266
Titlehttp://docs.python.org/devguide/triaging.html#title
Typehttp://docs.python.org/devguide/triaging.html#type
Stagehttp://docs.python.org/devguide/triaging.html#stage
Componentshttp://docs.python.org/devguide/triaging.html#components
Versionshttp://docs.python.org/devguide/triaging.html#versions
Statushttp://docs.python.org/devguide/triaging.html#status
Resolutionhttp://docs.python.org/devguide/triaging.html#resolution
Dependencieshttp://docs.python.org/devguide/triaging.html#dependencies
30458https://bugs.python.org/issue30458
32185https://bugs.python.org/issue32185
Supersederhttp://docs.python.org/devguide/triaging.html#superseder
Assigned Tohttp://docs.python.org/devguide/triaging.html#assigned-to
Nosy Listhttp://docs.python.org/devguide/triaging.html#nosy-list
Priorityhttp://docs.python.org/devguide/triaging.html#priority
Keywordshttp://docs.python.org/devguide/triaging.html#keywords
msg306543https://bugs.python.org/issue32085#msg306543
(view)https://bugs.python.org/msg306543
bpo-30500https://bugs.python.org/issue30500
http://python-security.readthedocs.io/vuln/bpo-30500_urllib_connects_to_a_wrong_host.htmlhttp://python-security.readthedocs.io/vuln/bpo-30500_urllib_connects_to_a_wrong_host.html
https://www.blackhat.com/us-17/briefings/schedule/#a-new-era-of-ssrf---exploiting-url-parser-in-trending-programming-languages-6292https://www.blackhat.com/us-17/briefings/schedule/#a-new-era-of-ssrf---exploiting-url-parser-in-trending-programming-languages-6292
https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdfhttps://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf
http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.htmlhttp://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html
https://twitter.com/orange_8361https://twitter.com/orange_8361
http://127.0.0.1:25/%0D%0AHELOhttp://127.0.0.1:25/%0D%0AHELO
https://127.0.0.1https://127.0.0.1
msg306980https://bugs.python.org/issue32085#msg306980
(view)https://bugs.python.org/msg306980
http://127.0.0.1:25/\r\nHELOhttp://127.0.0.1:25/\r\nHELO
Issue 30458https://bugs.python.org/issue30458
Issue 22928https://bugs.python.org/issue22928
https://hosthttps://host
msg307418https://bugs.python.org/issue32085#msg307418
(view)https://bugs.python.org/msg307418
Issue 32185https://bugs.python.org/issue32185
msg313709https://bugs.python.org/issue32085#msg313709
(view)https://bugs.python.org/msg313709
issue 32185https://bugs.python.org/issue32185
msg402393https://bugs.python.org/issue32085#msg402393
(view)https://bugs.python.org/msg402393
msg402393https://bugs.python.org/msg402393
cheryl.sabellahttps://bugs.python.org/user25861
christian.heimeshttps://bugs.python.org/user3108
msg313709https://bugs.python.org/msg313709
SSLContext.wrap_socket sends SNI Extension when server_hostname is IPhttps://bugs.python.org/issue32185
msg307418https://bugs.python.org/msg307418
orangehttps://bugs.python.org/user26211
martin.panterhttps://bugs.python.org/user14751
[security][CVE-2019-9740][CVE-2019-9947] HTTP Header Injection (follow-up of CVE-2016-5699)https://bugs.python.org/issue30458
msg306980https://bugs.python.org/msg306980
The Python Software Foundationhttps://python.org/psf-landing/
Rounduphttp://roundup.sourceforge.net
Python Software Foundationhttp://python.org/psf
Legal Statementshttp://python.org/about/legal

URLs of crawlers that visited me.