CVE-2026-1299
6
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
Summary
The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email folding rules, the new behavior will reject the incorrectly folded headers in "BytesGenerator".
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Python Software Foundation | CPython | 0 < 3.10.20 | affected |
| Python Software Foundation | CPython | 3.11.0 < 3.11.15 | affected |
| Python Software Foundation | CPython | 3.12.0 < 3.12.13 | affected |
| Python Software Foundation | CPython | 3.13.0 < 3.13.12 | affected |
| Python Software Foundation | CPython | 3.14.0 < 3.14.3 | affected |
| Python Software Foundation | CPython | 3.15.0a1 < 3.15.0a6 | affected |
Weaknesses
- CWE-93: CWE-93
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://github.com/python/cpython/pull/144126
- https://github.com/python/cpython/issues/144125
- https://cve.org/CVERecord?id=CVE-2024-6923
- https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/
- https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413
- https://github.com/python/cpython/commit/0a925ab591c45d6638f37b5e57796f36fa0e56d8
- https://github.com/python/cpython/commit/7877fe424415bc4a13045e62a90a7277413d8cb9
- https://github.com/python/cpython/commit/842ce19a0c0b58d61591e8f6a708c38db1fb94e4
- https://github.com/python/cpython/commit/8cdf6204f4ae821f32993f8fc6bad0d318f95f36
- https://github.com/python/cpython/commit/e417f05ad77a4c30ddc07f99e90fc0cef43e831a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.