isInList in the safeurl-python package prior to 1.2 for Python has an insufficiently restrictive regular expression for external domains, leading to SSRF.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
includesecurity safeurl-python 1.0 |