Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:25268
HistoryMay 10, 2020 - 11:23 p.m.

Information Disclosure

2020-05-1023:23:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
32

EPSS

0.004

Percentile

75.3%

python is vulnerable to information disclosure. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that would otherwise be invalid, resulting in the email to be sent to a third-party.

References