Description

When a long comment in an email header consisted exclusively of unfoldable characters, folding it did not preserve the enclosing parentheses. This could be used to inject headers into email messages where addresses are user-controlled and not sanitized.

PUBLISHED Reserved 2025-10-07 | Published 2026-01-20 | Updated 2026-02-11 | Assigner PSF




MEDIUM: 5.7 | CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Product status

Default status: unaffected

Any version before 3.13.12: affected

3.14.0 (python) before 3.14.3: affected

3.15.0a1 (python) before 3.15.0a6: affected

Credits

Denis Ledoux reporter

Seth Larson coordinator

Denis Ledoux remediation developer

R. David Murray remediation reviewer

References

github.com/python/cpython/pull/143936 patch

github.com/python/cpython/issues/143935 issue-tracking

mail.python.org/.../thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/ vendor-advisory

github.com/...ommit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2 patch

github.com/...ommit/61614a5e5056e4f61ced65008d4576f3df34acb6 patch

github.com/...ommit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0 patch

github.com/...ommit/f738386838021c762efea6c9802c82de65e87796 patch

github.com/...ommit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66 patch

cve.org (CVE-2025-11468)

nvd.nist.gov (CVE-2025-11468)
