Back to bug 2217338
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Avinash Hanwate | 2023-06-26 06:52:10 UTC | CC | cstratak, hhorak, jorton | |
| Avinash Hanwate | 2023-06-26 06:54:44 UTC | Depends On | 2217385, 2217383, 2217376, 2217378, 2217380, 2217381, 2217382, 2217377, 2217386, 2217379, 2217387, 2217375, 2217384 | |
| Avinash Hanwate | 2023-06-26 06:55:34 UTC | Blocks | 2217388 | |
| Sandipan Roy | 2023-06-26 08:06:30 UTC | Doc Text | A vulnerability was found in Python. This security flaw was found in the legacy email.utils.parseaddr function in Python that allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. | |
| Sandipan Roy | 2023-07-03 03:07:10 UTC | Summary | TRIAGE-CVE-2023-36632 python: RecursionError: maximum recursion depth exceeded while calling a Python object | CVE-2023-36632 python: RecursionError: maximum recursion depth exceeded while calling a Python object |
| Alias | TRIAGE-CVE-2023-36632 | CVE-2023-36632 | ||
| Sandipan Roy | 2023-07-03 03:08:22 UTC | Depends On | 2219214, 2219213, 2219216, 2219220, 2219219, 2219212, 2219217, 2219221, 2219218, 2219215 | |
| Petr Viktorin | 2023-07-03 06:42:10 UTC | CC | pviktori | |
| RaTasha Tillery-Smith | 2023-07-03 12:24:44 UTC | Doc Text | A vulnerability was found in Python. This security flaw was found in the legacy email.utils.parseaddr function in Python that allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. | A vulnerability was found in Python. This issue occurs in the legacy email.utils.parseaddr function in Python that allows attackers to trigger a "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. |
| Red Hat Bugzilla | 2023-07-07 08:35:15 UTC | Assignee | security-response-team | nobody |
| Tomas Orsava | 2023-07-12 12:18:08 UTC | Flags | needinfo?(ahanwate) | |
| CC | torsava | |||
| Avinash Hanwate | 2023-07-17 07:58:03 UTC | Flags | needinfo?(ahanwate) | |
| Avinash Hanwate | 2023-07-17 07:58:48 UTC | Comment | 5 | updated |
| Avinash Hanwate | 2023-07-17 07:59:34 UTC | Flags | needinfo?(saroy) | |
| CC | saroy | |||
| Sandipan Roy | 2023-07-17 14:15:45 UTC | Flags | needinfo?(saroy) |
Back to bug 2217338