QwikSec

Security Database

CVE

CWE

Training

CVE-2019-16056

Published: Sep 6, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2019-4954d8773c

vendor-advisory

x_refsource_FEDORA

[debian-lts-announce] 20190916 [SECURITY] [DLA 1925-1] python2.7 security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190916 [SECURITY] [DLA 1924-1] python3.4 security update

mailing-list

x_refsource_MLIST

FEDORA-2019-50772cf122

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-5dc275c9f2

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-2b1f72899a

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2019:2389

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:2393

vendor-advisory

x_refsource_SUSE

FEDORA-2019-232f092db0

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-986622833f

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-aba3cca74a

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2019:2438

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2019:2453

vendor-advisory

x_refsource_SUSE

FEDORA-2019-0d3fcae639

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-74ba24605e

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-b06ec6159b

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-758824a3ff

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-d202cda4f8

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-57462fa10d

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

FEDORA-2019-7ec5bb5d22

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-a268ba7b23

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2020:0086

vendor-advisory

x_refsource_SUSE

https://www.oracle.com/security-alerts/cpuapr2020.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

https://bugs.python.org/issue34155

x_refsource_MISC

https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20190926-0005/

x_refsource_CONFIRM

[debian-lts-announce] 20200715 [SECURITY] [DLA 2280-1] python3.5 security update

mailing-list

x_refsource_MLIST

[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20200822 [SECURITY] [DLA 2337-1] python2.7 security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.