There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.
Please see the linked CVE for the latest information on affected versions: * https://www.cve.org/CVERecord?id=CVE-2024-6923 * https://github.com/python/cpython/pull/122233 * https://github.com/python/cpython/issues/121650
_______________________________________________ Security-announce mailing list -- security-annou...@python.org To unsubscribe send an email to security-announce-le...@python.org https://mail.python.org/mailman3/lists/security-announce.python.org/ Member address: arch...@mail-archive.com
