There is a MEDIUM severity vulnerability affecting CPython.

The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.

Please see the linked CVE for the latest information on affected versions:

• https://www.cve.org/CVERecord?id=CVE-2024-6923
• https://github.com/python/cpython/pull/122233
• https://github.com/python/cpython/issues/121650