Bernd Dietzel

**Name of the Vulnerable Software and Affected Versions** Python versions prior to 3.10.8 Python versions 3.7, 3.8, 3.9 **Description** The issue is related to insufficient argument validation in the mailcap module of the Python interpreter. This may allow a remote attacker to inject shell commands into applications that use the mailcap.findmatch function with untrusted input, such as unvalidated user-provided filenames or arguments. **Recommendations** For Python versions prior to 3.10.8, update to version 3.10.8 or later to resolve the issue. For Python versions 3.7, 3.8, 3.9, apply the back-ported fix to resolve the issue. As a temporary workaround, consider validating user-provided filenames and arguments before passing them to the mailcap.findmatch function to minimize the risk of exploitation.