27 matches found
MiracleLinux 8 : python3-3.6.8-56.el8_9.3.ML.1 (AXSA:2024-7427:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7427:02 advisory. python: Parsing errors in email/parseaddr.py lead to incorrect value in email address part of tuple CVE-2023-27043 Tenable has extracted the preceding...
BIT-LIBPYTHON-2023-36632
The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed ...
CLSA-2024-1730133909 Fix CVE(s): CVE-2023-27043
SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses and parseaddr functions - CVE-2023-27043...
CLSA-2024-1729628050 Fix CVE(s): CVE-2023-27043
SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses and parseaddr functions - debian/patches/fix-urllib2-test.patch: Fix error in...
CLSA-2024-1729627400 Fix CVE(s): CVE-2023-27043
SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses and parseaddr functions - debian/patches/fix-urllib2-test.patch: Fix error in...
CLSA-2024-1717693264 python2: Fix of CVE-2023-27043
Remove -b option, use original maintainer approach - CVE-2023-27043: reject malformed addresses in email.parseaddr...
CLSA-2024-1717692075 python2: Fix of CVE-2023-27043
Remove -b option, use original maintainer approach - CVE-2023-27043: reject malformed addresses in email.parseaddr...
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
CLSA-2024-1711648611 python3.9: Fix of CVE-2023-27043
CVE-2023-27043: reject malformed addresses in email.parseaddr...
CLSA-2024-1711491407 python: Fix of CVE-2023-27043
CVE-2023-27043: reject malformed addresses in email.parseaddr...
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
The vulnerability of the email.utils.parseaddr function in the Python interpreter allows a attacker to cause a service failure.
The vulnerability of the email.utils.parseaddr function in the Python programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Python 安全漏洞
Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python version 3.11.4 and earlier, which stems from a recursive exception in th...
PT-2023-4570 · Python · Python
Name of the Vulnerable Software and Affected Versions: Python versions through 3.11.4 Description: The legacy email.utils.parseaddr function in Python allows attackers to trigger a "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argume...
ALPINE-CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
SUSE CVE-2003-0694
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c...
SUSE CVE-2019-11340
util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...