Description

The e-mail module of Python 0 - 2.7.18, 3.x - 3.11 incorrectly parses e-mail addresses which contain a special character. This vulnerability allows attackers to send messages from e-ail addresses that would otherwise be rejected.

Remediation

References

CVE-2023-27043

Related Vulnerabilities

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2021-3629)

WordPress Plugin IMPress for IDX Broker Unspecified Vulnerability (2.5.11)

Ruby on Rails Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7829)

WordPress Plugin Gutenberg Block Editor Toolkit-EditorsKit Remote Code Execution (1.31.5)

TYPO3 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2010-3668)

Severity

Medium

Classification

CVE-2023-27043 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities