Python · Python · CVE-2021-28861
**Name of the Vulnerable Software and Affected Versions**
Python versions 3.x through 3.10
**Description**
The issue is an open redirection vulnerability in lib/http/server.py: the module does not protect against multiple slashes (//) at the beginning of the URI path, which may lead to information disclosure. Note that this finding is disputed by a third party, because the http.server.html documentation page states that http.server is not recommended for production and only implements basic security checks.
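As an added illustration of the mitigation (this is example code, not part of the advisory and not CPython's own fix), the handler below collapses the run of leading slashes described above before http.server dispatches the request, so the path that later feeds a Location header can no longer start with "//". The names `normalize_request_path`, `is_suspicious_path` and `HardenedHandler` are this example's own choices; only `http.server.SimpleHTTPRequestHandler`, `parse_request`, `self.path` and `http.server.test` come from the standard library.

```python
"""Added example (not from the advisory or from CPython): a request handler
that collapses multiple leading slashes in the request target before the
standard http.server code sees it. Function and class names are assumptions
made for this example."""
import http.server
import re

# Two or more slashes at the very start of the request target.
_LEADING_SLASHES = re.compile(r"^/{2,}")


def normalize_request_path(path: str) -> str:
    """Collapse a run of leading slashes to a single slash.

    '//example.org/x' -> '/example.org/x'  (no longer scheme-relative)
    '/index.html'     -> '/index.html'     (unchanged)
    """
    return _LEADING_SLASHES.sub("/", path)


def is_suspicious_path(path: str) -> bool:
    """True when the raw request target begins with more than one slash,
    the input shape the advisory describes. Handy for logging/detection."""
    return bool(_LEADING_SLASHES.match(path))


class HardenedHandler(http.server.SimpleHTTPRequestHandler):
    """SimpleHTTPRequestHandler that normalizes self.path right after the
    request line has been parsed and before any redirect is built."""

    def parse_request(self) -> bool:
        ok = super().parse_request()
        if ok and is_suspicious_path(self.path):
            # Record the event, then strip the extra slashes.
            self.log_message("collapsed leading slashes in %r", self.path)
            self.path = normalize_request_path(self.path)
        return ok


if __name__ == "__main__":
    # Serve the current directory with the hardened handler on port 8000.
    http.server.test(HandlerClass=HardenedHandler, port=8000)
```

Run the module directly to serve the current directory; a request whose target starts with "//" is logged and handled as if it had a single leading slash. This only addresses the leading-slash case named in the advisory; it does not turn http.server into a production-grade server.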
**Recommendations**
For versions 3.x through 3.10, consider not using http.server in production environments, as the documentation itself recommends, to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.