Updated: 2025-08-20 02:05:19.391135
Description:
There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0.0 |
| CVSS Version 3.x | MEDIUM | 6.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CloudLinux 7 ELS | python | 2.7.5 | 6.8 | MEDIUM | Ignored | 2024-08-29 05:23:12 | Ignored due to low severity | |
| Oracle Linux 6 ELS | python | 2.6.6 | 6.8 | MEDIUM | Ignored | 2024-08-29 12:10:10 | Ignored due to low severity | |
| Ubuntu 16.04 ELS | python3.5 | 3.5.2 | 6.8 | MEDIUM | Ignored | 2025-11-05 07:33:47 | We have reasoned not to fix this issue since the fix is too intrusive, backporting might lead to ad... | |
| Ubuntu 16.04 ELS | python2.7 | 2.7.12 | 6.8 | MEDIUM | Released | CLSA-2024:1734643101 | 2024-12-19 23:45:17 | We have reasoned not to fix this issue since the fix is too intrusive, backporting might lead to ad... |
| Ubuntu 18.04 ELS | python2.7 | 2.7.17-1 | 6.8 | MEDIUM | Released | CLSA-2024:1734705832 | 2024-12-20 23:13:55 | |
| Ubuntu 18.04 ELS | python3.6 | 3.6.9-1 | 6.8 | MEDIUM | Released | CLSA-2024:1734643401 | 2024-12-20 23:13:54 |