Python CPython Email Module Header Injection Vulnerability in BytesGenerator Class

Vulnerability

A header injection vulnerability has been identified in the Python CPython email module, specifically in the BytesGenerator class. The issue arises because the generator did not properly quote newlines in email headers during serialization, which allows header injection. The vulnerability is relevant when using 'LiteralHeader' with headers that do not follow standard email folding rules. The newly implemented BytesGenerator behavior rejects headers that are incorrectly folded.

Impact

Exploitation of this vulnerability allows for header injection attacks when emails are serialized using the affected BytesGenerator class.

Reproduction

To reproduce this vulnerability, use the BytesGenerator class from the email module to serialize a message whose headers are not folded according to email standards. Ensure that 'LiteralHeader' is used, since this writing method can introduce unquoted newlines that lead to the injection.
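The following is an added example, not code from CPython or from this advisory: a pre-serialization check that flags raw newlines in header values (a mitigation that works on unpatched versions), a serializer that refuses such messages, and a probe that reports whether the running interpreter's BytesGenerator rejects an embedded newline as the fix describes. The function names and the injected sample value are constructed for this example.

```python
# Added example (not CPython's own code): pre-serialization header check,
# refusing serializer, and a probe of BytesGenerator's newline handling.
import email.errors
from email.generator import BytesGenerator
from email.message import Message
from io import BytesIO

# Patched interpreters raise email.errors.HeaderWriteError; older ones lack the
# name, so fall back to the base class and let the probe inspect the output.
HeaderWriteError = getattr(email.errors, "HeaderWriteError", email.errors.MessageError)

# Constructed untrusted header value: a bare newline followed by a second header.
INJECTED_VALUE = "hello\nX-Injected: constructed"


def make_message(subject, to="recipient@example.com"):
    """Build a compat32 Message (the legacy policy, which accepts raw newlines when
    a header is set; email.policy.default rejects them at assignment time)."""
    msg = Message()
    msg["To"] = to
    msg["Subject"] = subject
    msg.set_payload("body")
    return msg


def unsafe_headers(msg):
    """Names of headers whose raw value contains CR or LF. Runs before folding,
    so it does not depend on the interpreter being patched."""
    return [name for name, value in msg.raw_items()
            if "\r" in str(value) or "\n" in str(value)]


def safe_serialize(msg):
    """Serialize with BytesGenerator only if no header carries a raw newline."""
    bad = unsafe_headers(msg)
    if bad:
        raise ValueError(f"refusing to serialize, newline in header(s): {bad}")
    buf = BytesIO()
    BytesGenerator(buf).flatten(msg)
    return buf.getvalue()


def probe_generator():
    """How this interpreter serializes INJECTED_VALUE: 'rejected' (patched:
    HeaderWriteError), 'vulnerable' (injected header emitted on its own line),
    or 'encoded' (no exception, but no injected line in the output)."""
    buf = BytesIO()
    try:
        BytesGenerator(buf).flatten(make_message(INJECTED_VALUE))
    except HeaderWriteError:
        return "rejected"
    lines = buf.getvalue().split(b"\n")
    return "vulnerable" if any(l.startswith(b"X-Injected:") for l in lines) else "encoded"
```

Running `probe_generator()` on a candidate interpreter is a quick way to confirm that the upgrade listed under Remediation is in effect.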

Remediation

The vulnerability has been addressed in Python versions 3.8.20, 3.9.20, 3.10.15, 3.11.10, 3.12.5, and 3.13.0rc2. Users should upgrade to one of these versions.

Added: Jan 23, 2026, 5:24 PM
Updated: Jan 23, 2026, 5:24 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 5.7
remediation: 8.3
relevance: 2.3
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.