René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"[CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator","articleBody":"BPO | [42967](https://bugs.python.org/issue42967)\n--- | :---\nNosy | @malemburg, @gpshead, @orsenthil, @ned-deily, @mcepl, @merwok, @encukou, @ambv, @serhiy-storchaka, @pablogsal, @miss-islington, @ret2libc, @erlend-aasland, @Fidget-Spinner, @AdamGold\nPRs | \u003cli\u003epython/cpython#24271\u003c/li\u003e\u003cli\u003epython/cpython#24297\u003c/li\u003e\u003cli\u003epython/cpython#24528\u003c/li\u003e\u003cli\u003epython/cpython#24529\u003c/li\u003e\u003cli\u003epython/cpython#24531\u003c/li\u003e\u003cli\u003epython/cpython#24532\u003c/li\u003e\u003cli\u003epython/cpython#24536\u003c/li\u003e\u003cli\u003epython/cpython#24818\u003c/li\u003e\u003cli\u003epython/cpython#25344\u003c/li\u003e\u003cli\u003epython/cpython#25345\u003c/li\u003e\nFiles | \u003cli\u003e[CVE-2021-23336-only-amp-as-query-sep.patch](https://bugs.python.org/file49839/CVE-2021-23336-only-amp-as-query-sep.patch \"Uploaded as text/plain at 2021-02-26.18:05:17 by @mcepl\")\u003c/li\u003e\n\n\u003csup\u003e*Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.*\u003c/sup\u003e\n\n\u003cdetails\u003e\u003csummary\u003eShow more details\u003c/summary\u003e\u003cp\u003e\n\nGitHub fields:\n```python\nassignee = 'https://github.com/orsenthil'\nclosed_at = \u003cDate 2021-02-15.19:34:55.754\u003e\ncreated_at = \u003cDate 2021-01-19.15:06:49.941\u003e\nlabels = ['type-security', '3.8', '3.9', '3.10', 'release-blocker', '3.7', 'library']\ntitle = '[CVE-2021-23336] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator'\nupdated_at = \u003cDate 2021-11-08.16:47:04.726\u003e\nuser = 'https://github.com/AdamGold'\n```\n\nbugs.python.org fields:\n```python\nactivity = \u003cDate 2021-11-08.16:47:04.726\u003e\nactor = 'vstinner'\nassignee = 'orsenthil'\nclosed = True\nclosed_date = \u003cDate 2021-02-15.19:34:55.754\u003e\ncloser = 'orsenthil'\ncomponents = ['Library (Lib)']\ncreation = \u003cDate 2021-01-19.15:06:49.941\u003e\ncreator = 'AdamGold'\ndependencies = []\nfiles = ['49839']\nhgrepos = []\nissue_num = 42967\nkeywords = ['patch']\nmessage_count = 57.0\nmessages = ['385266', '385332', '385337', '385341', '385342', '385344', '385346', '385352', '385495', '385496', '385497', '385513', '385527', '385544', '385549', '385565', '385566', '385567', '385582', '385585', '385590', '385865', '386003', '386785', '386787', '386788', '386954', '386957', '386960', '386968', '386980', '387027', '387037', '387039', '387040', '387045', '387049', '387069', '387638', '387712', '387735', '387756', '388368', '388433', '388434', '388440', '388447', '388486', '388574', '390782', '390784', '390790', '391231', '405721', '405723', '405725', '405728']\nnosy_count = 15.0\nnosy_names = ['lemburg', 'gregory.p.smith', 'orsenthil', 'ned.deily', 'mcepl', 'eric.araujo', 'petr.viktorin', 'lukasz.langa', 'serhiy.storchaka', 'pablogsal', 'miss-islington', 'rschiron', 'erlendaasland', 'kj', 'AdamGold']\npr_nums = ['24271', '24297', '24528', '24529', '24531', '24532', '24536', '24818', '25344', '25345']\npriority = 'release blocker'\nresolution = 'fixed'\nstage = 'resolved'\nstatus = 'closed'\nsuperseder = None\ntype = 'security'\nurl = 'https://bugs.python.org/issue42967'\nversions = ['Python 3.6', 'Python 3.7', 'Python 3.8', 'Python 3.9', 'Python 3.10']\n```\n\n\u003c/p\u003e\u003c/details\u003e\n","author":{"url":"https://github.com/AdamGold","@type":"Person","name":"AdamGold"},"datePublished":"2021-01-19T15:06:50.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":57},"url":"https://github.com/87133/cpython/issues/87133"}