When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r) the resulting file could be injected with unexpected keys and values if the attacker controls the written value.
{
"severity": "Medium",
"cpes": [
"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"
]
}