[Security-announce][CVE-2024-6923] Email header injection due to unquoted newlines

1 Aug 2024


      There is a MEDIUM severity vulnerability affecting CPython.
The email module didn’t properly quote newlines for email headers when
serializing an email message allowing for header injection when an email is
serialized.
Please see the linked CVE for the latest information on affected versions:

https://www.cve.org/CVERecord?id=CVE-2024-6923
https://github.com/python/cpython/pull/122233
https://github.com/python/cpython/issues/121650

[Security-announce][CVE-2024-6923] Email header injection due to unquoted newlines

Seth Larson