CVE-2024-6923 Information

Description

There is a MEDIUM severity vulnerability affecting CPython.

The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.

Reference

https://github.com/python/cpython/pull/122233 https://github.com/python/cpython/issues/121650 https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/