Name of the Vulnerable Software and Affected Versions safeurl-python (affected versions not specified)

Description The issue allows bypassing of blacklisted hostnames by requesting the FQDN of the host, for example, by adding a . to the end. This could enable an attacker to circumvent blocks set by library users, potentially leading to Server-Side Request Forgery (SSRF) attacks to request those hostnames. The main library purpose of blocking internal or private IPs remains unaffected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.