VDB
DEBIAN-CVE-2024-6923
DEBIAN-CVE-2024-6923
PUBLISHED
CVSS 5.5 MEDIUM
There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | python3.13 | 0, 0 |
| Debian:12 | python3.11 | 3.11.2-6, 3.11.2-6+deb12u1, 0 |
| Debian:13 | python3.13 | 0, 0 |
| Debian:13 | pypy3 | 0, 0 |
| Debian:12 | pypy3 | 7.3.20+dfsg, *, * |
| Debian:11 | pypy3 | 7.3.5+dfsg, 7.3.5+dfsg, 7.3.5+dfsg |
| Debian:11 | python2.7 | 2.7.18-8+deb11u1, 2.7.18-9, 2.7.18-10 |
| Debian:14 | pypy3 | 0, 0 |
| Debian:11 | python3.9 | 3.9.2-1+deb11u1, 0, 0 |
Exploit Intelligence
- zephyr-crosstool-arm-grype.html (github-poc)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
Timeline
- Aug 1, 2024 CVE Published
- Apr 28, 2026 CVE Updated