Description

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.

INFO

Published Date :

2024-08-01T13:40:11.069Z

Last Modified :

2025-11-03T22:32:47.018Z

Source :

PSF
AFFECTED PRODUCTS

The following products are affected by CVE-2024-6923 vulnerability.

Vendors Products
Python
  • Cpython
Redhat
  • Enterprise Linux
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Tus
  • Service Interconnect
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-6923.

URL Resource
http://www.openwall.com/lists/oss-security/2024/08/01/3 cve-icon
http://www.openwall.com/lists/oss-security/2024/08/02/2 cve-icon
https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147 cve-icon cve-icon
https://github.com/python/cpython/commit/097633981879b3c9de9a1dd120d3aa585ecc2384 cve-icon cve-icon
https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7 cve-icon cve-icon
https://github.com/python/cpython/commit/4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0 cve-icon cve-icon
https://github.com/python/cpython/commit/b158a76ce094897c870fb6b3de62887b7ccc33f1 cve-icon cve-icon
https://github.com/python/cpython/commit/f7be505d137a22528cb0fc004422c0081d5d90e6 cve-icon cve-icon
https://github.com/python/cpython/commit/f7c0f09e69e950cf3c5ada9dbde93898eb975533 cve-icon cve-icon
https://github.com/python/cpython/issues/121650 cve-icon cve-icon cve-icon
https://github.com/python/cpython/pull/122233 cve-icon cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00005.html cve-icon
https://mail.python.org/archives/list/[email protected]/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/ cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-6923 cve-icon
https://security.netapp.com/advisory/ntap-20240926-0003/ cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-6923 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact