Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-27043HistoryApr 19, 2023 - 12:15 a.m.
CVE-2023-27043
2023-04-1900:15:07
Debian Security Bug Tracker
security-tracker.debian.org
21
0.001 Low
EPSS
Percentile
42.3%
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pypy3 | <= 7.3.11+dfsg-2+deb12u1 | pypy3_7.3.11+dfsg-2+deb12u1_all.deb |
| Debian | 11 | all | pypy3 | <= 7.3.5+dfsg-2+deb11u2 | pypy3_7.3.5+dfsg-2+deb11u2_all.deb |
| Debian | 10 | all | pypy3 | <= 7.0.0+dfsg-3 | pypy3_7.0.0+dfsg-3_all.deb |
| Debian | 999 | all | pypy3 | <= 7.3.16+dfsg-2 | pypy3_7.3.16+dfsg-2_all.deb |
| Debian | 13 | all | pypy3 | <= 7.3.16+dfsg-2 | pypy3_7.3.16+dfsg-2_all.deb |
| Debian | 11 | all | python2.7 | <= 2.7.18-8+deb11u1 | python2.7_2.7.18-8+deb11u1_all.deb |
| Debian | 10 | all | python2.7 | <= 2.7.16-2+deb10u1 | python2.7_2.7.16-2+deb10u1_all.deb |
| Debian | 12 | all | python3.11 | <= 3.11.2-6 | python3.11_3.11.2-6_all.deb |
| Debian | 999 | all | python3.11 | <= 3.11.9-1 | python3.11_3.11.9-1_all.deb |
| Debian | 13 | all | python3.11 | <= 3.11.9-1 | python3.11_3.11.9-1_all.deb |
Related
nessus
nessus
Fedora 38 : python3-docs / python3.11 (2023-0583eedde7)
2024-01-03 00:00:00
Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2023-252)
2023-07-20 00:00:00
SUSE SLES12 Security Update : python36 (SUSE-SU-2024:0436-1)
2024-02-09 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0595-1)
2024-02-23 00:00:00
Fedora: Security Advisory for python3.10 (FEDORA-2023-d01f8a69b4)
2023-12-28 00:00:00
Fedora: Security Advisory for python2.7 (FEDORA-2024-06ff0a6def)
2024-01-18 00:00:00
redhat
redhat
(RHSA-2024:2292) Moderate: python3.11 security update
2024-04-30 06:15:17
(RHSA-2024:0256) Moderate: python3 security update
2024-01-15 15:32:15
(RHSA-2024:0466) Moderate: python3.9 security update
2024-01-24 14:41:04
almalinux
almalinux
Moderate: python3.11 security update
2024-04-30 00:00:00
Moderate: python3.9 security update
2024-01-25 00:00:00
Moderate: python3 security update
2024-01-15 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: python3.6-3.6.15-22.fc39
2023-12-26 01:47:08
[SECURITY] Fedora 38 Update: python2.7-2.7.18-37.fc38
2024-01-11 02:16:54
[SECURITY] Fedora 39 Update: python3.10-3.10.13-2.fc39
2023-12-26 01:47:04
osv
osv
Moderate: python3.11 security update
2024-04-30 00:00:00
Moderate: python3 security update
2024-01-15 00:00:00
Moderate: python3.9 security update
2024-01-25 00:00:00
oraclelinux
oraclelinux
python3 security update
2024-01-16 00:00:00
python3.9 security update
2024-01-25 00:00:00
python3.11 security update
2024-05-02 00:00:00
veracode
veracode
Improper Input Validation
2023-10-12 14:32:35
cve
cve
CVE-2023-27043
2023-04-19 00:15:07
ibm
ibm
Security Bulletin: A Python Vulnerability Affects IBM Cloud Pak for Data Scheduling ( CVE-2023-27043 )
2024-02-20 19:45:03
redhatcve
redhatcve
CVE-2023-27043
2023-05-08 09:52:52
rocky
rocky
python3 security update
2024-01-16 18:06:14
cgr
cgr
CVE-2023-27043 vulnerabilities
2024-05-17 15:41:37
ubuntucve
ubuntucve
CVE-2023-27043
2023-04-19 00:00:00
cvelist
cvelist
CVE-2023-27043
2023-04-18 00:00:00
prion
prion
Authentication flaw
2023-04-19 00:15:00
wolfi
wolfi
CVE-2023-27043 vulnerabilities
2024-05-17 21:08:03
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0427
2023-07-14 00:00:00