There is a MEDIUM severity vulnerability affecting CPython.

When using the "configparser" module to write configuration files
containing multi-line text values with carriage return characters (\r) the
resulting file could be injected with unexpected keys and values if the
attacker controls the written value.

Please see the linked CVE ID for the latest information on affected
versions:

* https://www.cve.org/CVERecord?id=CVE-2026-0864
* https://github.com/python/cpython/pull/143929
_______________________________________________
Security-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3//lists/security-announce.python.org
Member address: [email protected]

Reply via email to