Bug 2432437 (CVE-2026-1299)
| Summary: | CVE-2026-1299 cpython: email header injection due to unquoted newlines | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | bbrownin, dfreiber, drow, gotiwari, jburrell, jgrulich, jhorak, jkoehler, ljawale, lphiri, luizcosta, mvyas, nweather, rbobbitt, sdawley, teagle, tpopela, vkumar |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: | A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules, allowing an attacker to inject email headers and potentially modify message recipients or the email body, and spoof sender information. | Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2433810, 2433813, 2433815, 2433816, 2433817, 2433818, 2433820, 2433822, 2433823, 2433825, 2433826, 2433827, 2433828, 2433830, 2433832, 2433811, 2433812, 2433814, 2433819, 2433821, 2433824, 2433829, 2433831 | ||
| Bug Blocks: | |||
Description
OSIDB Bzimport
2026-01-23 17:03:23 UTC
This issue has been addressed in the following products:

Red Hat Enterprise Linux 8

Via RHSA-2026:2128 https://access.redhat.com/errata/RHSA-2026:2128
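A defensive check for the header injection described in the Doc Text, as an added example that is not part of this bug report or of CPython: after serializing with BytesGenerator, it reads the header block line by line and compares the field names on the wire with the ones the application set. The function names, addresses and the tampered sample are constructed for illustration.

```python
import re
from collections import Counter
from email.generator import BytesGenerator
from email.message import EmailMessage
from io import BytesIO

# RFC 5322 field name: printable US-ASCII except ":", followed by the colon.
FIELD_NAME = re.compile(rb"([\x21-\x39\x3b-\x7e]+):")


def serialize(msg):
    """Flatten msg to wire bytes with BytesGenerator and CRLF line endings."""
    buf = BytesIO()
    BytesGenerator(buf, policy=msg.policy.clone(linesep="\r\n")).flatten(msg)
    return buf.getvalue()


def wire_header_names(raw):
    """Field names a receiving parser would see, read line by line."""
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]
    names = []
    for line in re.split(rb"\r?\n", head):
        if line[:1] in (b" ", b"\t"):
            continue  # folded continuation of the previous header
        m = FIELD_NAME.match(line)
        names.append(m.group(1).decode().lower() if m else "<malformed>")
    return names


def header_mismatch(msg, raw):
    """Return (extra, missing) header names in raw relative to msg.keys()."""
    intended = Counter(k.lower() for k in msg.keys())
    seen = Counter(wire_header_names(raw))
    return sorted((seen - intended).elements()), sorted((intended - seen).elements())


def build_sample():
    """Constructed message; the long Subject forces legitimate folding."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["To"] = "bob@example.com"
    msg["Subject"] = "Quarterly report " * 7 + "final"
    msg.set_content("hello\n")
    return msg


def constructed_tampered(raw):
    """Constructed sample: the wire bytes with one extra header line added."""
    return raw.replace(b"\r\n", b"\r\nBcc: eve@example.net\r\n", 1)
```

A non-empty `extra` list means a header line appeared that the application never set; a non-empty `missing` list means the header block ended early, which is what a blank line injected into a header value would cause.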