{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-1795", "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22", "state": "PUBLISHED", "assignerShortName": "PSF", "dateReserved": "2025-02-28T18:49:37.957Z", "datePublished": "2025-02-28T18:59:31.784Z", "dateUpdated": "2026-04-21T20:15:50.714Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["email"], "product": "CPython", "repo": "https://github.com/python/cpython", "vendor": "Python Software Foundation", "versions": [{"version": "0", "lessThan": "3.10.17", "status": "affected", "versionType": "python"}, {"version": "3.11.0", "lessThan": "3.11.9", "status": "affected", "versionType": "python"}, {"version": "3.12.0", "lessThan": "3.12.3", "status": "affected", "versionType": "python"}, {"version": "3.13.0a1", "lessThan": "3.13.0a5", "status": "affected", "versionType": "python"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers."}], "value": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 2.3, "baseSeverity": "LOW", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "28c92f92-d60d-412d-b760-e73465c3df22", "shortName": "PSF", "dateUpdated": "2026-04-21T20:15:50.714Z"}, "references": [{"tags": ["issue-tracking"], "url": "https://github.com/python/cpython/issues/100884"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/pull/100885"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/pull/119099"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74"}, {"tags": ["vendor-advisory"], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/a4ef689ce670684ec132204b1cd03720c8e0a03d"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/d4df3c55e4c5513947f907f24766b34d2ae8c090"}], "source": {"discovery": "UNKNOWN"}, "title": "Mishandling of comma during folding and unicode-encoding of email headers", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-116", "lang": "en", "description": "CWE-116 Improper Encoding or Escaping of Output"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-28T20:30:47.670593Z", "id": "CVE-2025-1795", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-28T20:32:56.849Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00013.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:57:12.370Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00013.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:57:12.370Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1795", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-28T20:30:47.670593Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-28T20:30:53.042Z"}}], "cna": {"title": "Mishandling of comma during folding and unicode-encoding of email headers", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 2.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/python/cpython", "vendor": "Python Software Foundation", "modules": ["email"], "product": "CPython", "versions": [{"status": "affected", "version": "0", "lessThan": "3.10.17", "versionType": "python"}, {"status": "affected", "version": "3.11.0", "lessThan": "3.11.9", "versionType": "python"}, {"status": "affected", "version": "3.12.0", "lessThan": "3.12.3", "versionType": "python"}, {"status": "affected", "version": "3.13.0a1", "lessThan": "3.13.0a5", "versionType": "python"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/python/cpython/issues/100884", "tags": ["issue-tracking"]}, {"url": "https://github.com/python/cpython/pull/100885", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/pull/119099", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74", "tags": ["patch"]}, {"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/", "tags": ["vendor-advisory"]}, {"url": "https://github.com/python/cpython/commit/a4ef689ce670684ec132204b1cd03720c8e0a03d", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/d4df3c55e4c5513947f907f24766b34d2ae8c090", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "supportingMedia": [{"type": "text/html", "value": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "base64": false}]}], "providerMetadata": {"orgId": "28c92f92-d60d-412d-b760-e73465c3df22", "shortName": "PSF", "dateUpdated": "2026-04-21T20:15:50.714Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1795", "state": "PUBLISHED", "dateUpdated": "2026-04-21T20:15:50.714Z", "dateReserved": "2025-02-28T18:49:37.957Z", "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22", "datePublished": "2025-02-28T18:59:31.784Z", "assignerShortName": "PSF"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers."}, {"lang": "es", "value": "Durante el plegado de una lista de direcciones, cuando una coma separadora termina en una l\u00ednea plegada y esa l\u00ednea debe codificarse en Unicode, entonces el separador en s\u00ed tambi\u00e9n se codifica en Unicode. El comportamiento esperado es que la coma separadora siga siendo una coma de plan. Esto puede provocar que algunos servidores de correo interpreten mal el encabezado de la direcci\u00f3n."}], "id": "CVE-2025-1795", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@python.org", "type": "Secondary"}]}, "published": "2025-02-28T19:15:36.550", "references": [{"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/a4ef689ce670684ec132204b1cd03720c8e0a03d"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/d4df3c55e4c5513947f907f24766b34d2ae8c090"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/issues/100884"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/pull/100885"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/pull/119099"}, {"source": "cna@python.org", "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00013.html"}], "sourceIdentifier": "cna@python.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-116"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "python: Mishandling of comma during folding and unicode-encoding of email headers", "id": "2349061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349061"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-168", "details": ["During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers."], "name": "CVE-2025-1795", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "python3.12", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "python", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "python", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "python3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.11", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.12", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python36:3.6/python36", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python39:3.9/python39", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python39-devel:3.9/python39", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.11", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.12", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.9", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-28T18:59:31Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-1795\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-1795\nhttps://github.com/python/cpython/commit/09fab93c3d857496c0bd162797fab816c311ee48\nhttps://github.com/python/cpython/commit/70754d21c288535e86070ca7a6e90dcb670b8593\nhttps://github.com/python/cpython/commit/9148b77e0af91cdacaa7fe3dfac09635c3fe9a74\nhttps://github.com/python/cpython/issues/100884\nhttps://github.com/python/cpython/pull/100885\nhttps://github.com/python/cpython/pull/119099\nhttps://mail.python.org/archives/list/security-announce@python.org/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/"], "threat_severity": "Low"}

{"analysis": {"en": {"generated_at": "2026-04-22T13:27:41.233448+00:00", "value": {"mitigation_remediation": ["Upgrade CPython to a release that incorporates the commit(s) fixing the header\u2011folding issue; this patch directly addresses the improper encoding (CWE\u2011116) and the sequencing error (CWE\u2011168) identified in the advisory.", "If an immediate upgrade is not feasible, add validation logic to your mail server or client that ensures commas remain in plain form and that folded lines are properly ordered; these checks mitigate the encoding flaw (CWE\u2011116) and the sequencing flaw (CWE\u2011168).", "Monitor mail logs for anomalous address header parsing and apply additional filtering rules that detect percent\u2011encoded commas or incorrect line sequencing, thereby helping to spot and block improperly folded addresses."], "summary": {"action": "Apply Patch", "impact": "Email header misinterpretation"}, "threat_synthesis": {"affected_systems": "The flaw exists in CPython, the reference interpreter for Python, and affects any deployment that processes email headers containing folded address lists. Affected releases include all CPython versions that contain the unpatched header\u2011folding code. Specific version details are not listed in the advisory, but all CPython releases prior to the application of the commits referenced in the advisory are impacted.", "description_and_impact": "During folding of email address lists, a comma at the end of a folded line is incorrectly Unicode\u2011encoded when the line is processed for encoding; the comma should remain plain. This misencoding can cause mail servers to misinterpret the recipient address, potentially leading to delivery to an unintended recipient; the possibility of spoofing is inferred but not explicitly stated in the CVE description.", "risk_and_exploitability": "The CVSS score of 2.3 indicates low severity, and the EPSS score of less than 1% suggests a very low probability of exploitation at present. The vulnerability does not allow remote code execution or privilege escalation; it mainly permits email header manipulation, which might be leveraged for phishing or deliverability issues (these implications are inferred from the manipulation ability but not stated explicitly in the CVE description). The flaw is not listed in the CISA KEV catalog, and no publicly known exploits have been documented. Attackers would need to craft an email with a folded address header that contains a comma incorrectly encoded, which requires send access to a mail system that processes such headers."}}}}, "created": "2025-06-20T13:55:54.118369+00:00", "updated": "2026-04-22T13:30:17.929931+00:00", "vendors": ["python", "python$PRODUCT$cpython"]}