{"uuid": "1758e121-d1f0-4b70-8adf-8a0f8070346a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27043", "type": "seen", "source": "https://t.me/arpsyndicate/1603", "content": "#ExploitObserverAlert\n\nCVE-2023-27043\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27043. The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.\n\nFIRST-EPSS: 0.000510000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T11:14:45.000000Z"}