Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-27043
HistoryApr 19, 2023 - 12:00 a.m.

CVE-2023-27043

2023-04-1900:00:00
ubuntu.com
ubuntu.com
95
cve-2023-27043
python
email module
parsing
vulnerability
special character
rfc2822
header
addr-spec
protection mechanism
domain
bypass
application
access
bug
regression
pull request
discussion
email-parseaddr
realname
unix

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

6.1

Confidence

High

EPSS

0.002

Percentile

58.7%

The email module of Python through 3.11.3 incorrectly parses e-mail
addresses that contain a special character. The wrong portion of an RFC2822
header is identified as the value of the addr-spec. In some applications,
an attacker can bypass a protection mechanism in which application access
is granted only after verifying receipt of e-mail to a specific domain
(e.g., only @company.example.com addresses may be used for signup). This
occurs in email/_parseaddr.py in recent versions of Python.

Bugs

Notes

Author Note
mdeslaur As of 2024-07-18, the new pull requests are: https://github.com/python/cpython/pull/108250 https://github.com/python/cpython/pull/111116
allenpthuang as of 2024-04-11, one of the pull requests has been merged (pull/111116) while the bug (gh-102988) remains open.
mdeslaur as of 2024-07-18, the fixes haven’t been backported to the stable releases. See gh-102988 bug.

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

6.1

Confidence

High

EPSS

0.002

Percentile

58.7%