vulnerability

Red Hat: CVE-2025-1795: python: Mishandling of comma during folding and unicode-encoding of email headers

Name: Red Hat: CVE-2025-1795: python: Mishandling of comma during folding and unicode-encoding of email headers
Creator: Red Hat
Published: 2025-02-28T00:00:00.000Z
Keywords: CVE, Red Hat, 2025, 1795, python, no-fix-redhat-rpm-package, Severity 4

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:S/C:P/I:N/A:N)

Published

Feb 28, 2025

Added

Jul 9, 2025

Modified

Jul 31, 2025

Description

During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.

Solution

no-fix-redhat-rpm-package

References

NVD-CVE-2025-1795

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report