16 matches found
EUVD-2026-31977
emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who ca...
CVE-2026-44844 eml_parser: Recursion DoS via nested message/rfc822 attachments
emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who ca...
CVE-2026-44844
emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who ca...
eml_parser 安全漏洞
EmlParser is an open-source Python library for parsing email files, developed by GOVCERT.LU. Versions of EmlParser prior to 3.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of EmlParser.getrawbodytext, which performed unrestricted recursive processing on nested...
GHSA-G47V-RWMH-R9F8 eml_parser has recursion DoS via nested message/rfc822 attachments
Summary EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who can supply a badly crafted EML file with approximately 120 nested message/rfc822 parts triggers an unhandled RecursionError and aborts parsing of the...
eml_parser has recursion DoS via nested message/rfc822 attachments
Summary EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who can supply a badly crafted EML file with approximately 120 nested message/rfc822 parts triggers an unhandled RecursionError and aborts parsing of the...
Uncontrolled Recursion
Overview eml-parser is a Python EML parser library Affected versions of this package are vulnerable to Uncontrolled Recursion through the getrawbodytext function. An attacker can cause the application to crash by supplying an email file with deeply nested message/rfc822 attachments, leading to...
CVE-2026-29780
emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursivelyextractattachments.py contains a path traversal vulnerability that allows...
CVE-2026-29780
emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursivelyextractattachments.py contains a path traversal vulnerability that allows...
CVE-2026-29780
emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursivelyextractattachments.py contains a path traversal vulnerability that allows...
CVE-2026-29780 eml_parser: Path Traversal in Official Example Script Leading to Arbitrary File Write
emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursivelyextractattachments.py contains a path traversal vulnerability that allows...
CVE-2026-29780
Summary: CVE-2026-29780 affects the Python eml_parser library. The vulnerability resides in the official example script (examples/recursively_extract_attachments.py), where attachment filenames are used directly to build output paths without sanitization, enabling an attacker-controlled filename ...
CVE-2026-29780 eml_parser: Path Traversal in Official Example Script Leading to Arbitrary File Write
emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursivelyextractattachments.py contains a path traversal vulnerability that allows...
axa-fr-splitter (>=0.0.2 <=0.1.2), cyvoreos (>=0.2.0.3b0 <=0.2.0.7b0) +3 more potentially affected by CVE-2026-29780 via eml-parser (=1.17.5)
eml-parser PYPI version =1.17.5 is affected by a known vulnerability. The following packages have a transitive dependency on eml-parser and may be impacted: - axa-fr-splitter =0.0.2, =0.2.0.3b0, =1.0.7, =1.1.1, =0.1.13, =0.3.1 Source cves: CVE-2026-29780 Source advisory: OSV:GHSA-389R-RCCM-H3H5...
Directory Traversal
Overview eml-parser is a Python EML parser library Affected versions of this package are vulnerable to Directory Traversal via the recursivelyextractattachments.py script when processing email attachments with attacker-controlled filenames. An attacker can write arbitrary files outside the intend...
CVE-2026-29780
creationtimestamp| type| source ---|---|--- 2026-03-04 15:33:56+00:00| published-proof-of-concept| https://github.com/GOVCERT-LU/emlparser/security/advisories/GHSA-389r-rccm-h3h5...