GHSA-g345-7jg6-m22pMedium

When using the "configparser" module to write configuration files containing multi-line text...

Published
June 23, 2026
Last Modified
June 23, 2026

🔗 CVE IDs covered (1)

📋 Description

When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r) the resulting file could be injected with unexpected keys and values if the attacker controls the written value.

🔗 References (6)