Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-15366

Опубликовано: 20 янв. 2026
Источник: debian
EPSS Низкий

Описание

The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python3.14unfixedpackage
python3.13unfixedpackage
python3.11removedpackage
python3.9removedpackage
pypy3unfixedpackage
pypy3no-dsatrixiepackage
pypy3no-dsabookwormpackage
pypy3postponedbullseyepackage
python2.7removedpackage
python2.7end-of-lifebullseyepackage
jythonunfixedpackage
jythonno-dsatrixiepackage
jythonno-dsabookwormpackage
jythonend-of-lifebullseyepackage

Примечания

  • https://github.com/python/cpython/issues/143921

  • https://github.com/python/cpython/pull/143922

  • https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/

  • https://github.com/python/cpython/commit/6262704b134db2a4ba12e85ecfbd968534f28b45 (main)

EPSS

Процентиль: 13%
0.00043
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-15366

ubuntu
18 дней назад

The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

nvd логотип

CVE-2025-15366

nvd
18 дней назад

The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

github логотип

GHSA-4c67-8q63-xrxq

github
18 дней назад

The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

oracle-oval логотип

ELSA-2026-2128

oracle-oval
3 дня назад

ELSA-2026-2128: python3 security update (MODERATE)

EPSS

Процентиль: 13%
0.00043
Низкий