Nothing new, still broken, insecure by default since then: Python's e-mail libraries and certificate verification and how it affected open source projects

www.pentagrid.ch

cross-posted to:
secops

Nothing new, still broken, insecure by default since then: Python's e-mail libraries and certificate verification and how it affected open source projects

www.pentagrid.ch

@repostbot33B to

netsecEnglish • 1 year ago

cross-posted to:
secops

Nothing new, still broken, insecure by default since then: Python's e-

www.pentagrid.ch

Python’s e-mail libraries smtplib, imaplib, and poplib do not verify server certificates unless a proper SSL context is passed to the API. This leads to security problems.

You must log in or register to comment.

Chat