AZL-75035

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-75035.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-75035

Upstream

CVE-2025-11468

Published

2026-01-20T22:15:50Z

Modified

2026-04-01T05:22:25.229797Z

Summary

CVE-2025-11468 affecting package python3 for versions less than 3.12.9-8

Details

When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-11468

Affected packages

Azure Linux:3 / python3

Package

Name: python3
Purl: pkg:rpm/azure-linux/python3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.12.9-8

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-75035.json"