There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.
Please see the linked CVE for the latest information on affected versions: * https://www.cve.org/CVERecord?id=CVE-2024-6923 * https://github.com/python/cpython/pull/122233 * https://github.com/python/cpython/issues/121650
_______________________________________________ Security-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3/lists/security-announce.python.org/ Member address: [email protected]
