CVE-2024-6923

MEDIUM Year: 2024
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-94
View all →

Vulnerability Description

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.

Related Vulnerabilities

CVE-2021-25393

MEDIUM
CVSS:5.5(Medium)

Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data.

CWE-942021

CVE-2021-25415

MEDIUM
CVSS:5.5(Medium)

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable.

CWE-942021

CVE-2022-33721

MEDIUM
CVSS:5.5(Medium)

A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege.

CWE-942022

CVE-2024-29409

MEDIUM
CVSS:5.5(Medium)

File Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the Content-Type header.

CWE-942024

CVE-2024-55504

MEDIUM
CVSS:5.5(Medium)

An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject arbitrary code potentially leading to remote control and unauthorized access to sensitive user data via the...

CWE-942024