{"vulnerability": "CVE-2023-36632", "sightings": [{"uuid": "2aec2e1f-44e9-4cfb-88c7-e8598104ef97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36632", "type": "seen", "source": "Telegram/e1o90iHJT-k2JGh5790ahxiLQIt4T9bVzKO5ZsUBjDuYtSU", "content": "", "creation_timestamp": "2025-07-18T13:11:47.000000Z"}, {"uuid": "6eb55054-d253-440e-b38d-c6389293629d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36632", "type": "seen", "source": "https://t.me/cibsecurity/65495", "content": "\u203c CVE-2023-36632 \u203c\n\nThe legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger \"RecursionError: maximum recursion depth exceeded while calling a Python object\" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. NOTE: email.utils.parseaddr is categorized as a Legacy API in the documentation of the Python email package. Applications should instead use the email.parser.BytesParser or email.parser.Parser class.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-26T00:10:04.000000Z"}]}