Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-1795

Опубликовано: 28 фев. 2025
Источник: debian
EPSS Низкий

Описание

During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python3.13fixed3.13.0~b1-1package
python3.12fixed3.12.9-1package
python3.11removedpackage
python3.11fixed3.11.2-6+deb12u6bookwormpackage
python3.9removedpackage
pypy3fixed7.3.18+dfsg-1package
pypy3no-dsabookwormpackage

Примечания

  • https://github.com/python/cpython/issues/100884

  • Regression issue: https://github.com/python/cpython/issues/118643

  • https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/

  • Fixed by: https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48 (v3.13.0a5)

  • Regression fixed by: https://github.com/python/cpython/commit/6892b400dc8c95375ef31f6d716d62a6ff0c4cf2 (v3.13.0b2)

  • Fixed by: https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74 (v3.12.3)

  • Regression fixed by: https://github.com/python/cpython/commit/8c96850161da23ad2b37551d2a89c7d4716fe024 (v3.12.4)

  • Fixed by: https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593 (v3.11.9)

  • Regression Fixed by: https://github.com/python/cpython/commit/4762b365406a8cf026a4a4ddcae34c28a41c3de9 (v3.11.10)

  • Introduced by: https://github.com/python/cpython/commit/0b6f6c82b51b7071d88f48abb3192bf3dc2a2d24 (v3.3.0a4)

EPSS

Процентиль: 58%
0.00371
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-1795

ubuntu
9 месяцев назад

During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.

redhat логотип

CVE-2025-1795

CVSS3: 3.1
redhat
9 месяцев назад

During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.

nvd логотип

CVE-2025-1795

nvd
9 месяцев назад

During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.

msrc логотип

CVE-2025-1795

msrc
7 месяцев назад

Mishandling of comma during folding and unicode-encoding of email headers

suse-cvrf логотип

SUSE-SU-2025:0982-1

suse-cvrf
8 месяцев назад

Security update for python311

EPSS

Процентиль: 58%
0.00371
Низкий