Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-0865 (GCVE-0-2026-0865)
Vulnerability from cvelistv5 – Published: 2026-01-20 21:26 – Updated: 2026-02-03 21:53
VLAI?
EPSS
Title
wsgiref.headers.Headers allows header newline injection
Summary
User-controlled header names and values containing newlines can allow injecting HTTP headers.
Severity ?
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Python Software Foundation | CPython |
Affected:
0 , < 3.13.12
(python)
Affected: 3.14.0 , < 3.14.3 (python) Affected: 3.15.0a1 , < 3.15.0 (python) |
Credits
Omar M. Hasan
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0865",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T15:40:22.223517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:14:52.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CPython",
"vendor": "Python Software Foundation",
"versions": [
{
"lessThan": "3.13.12",
"status": "affected",
"version": "0",
"versionType": "python"
},
{
"lessThan": "3.14.3",
"status": "affected",
"version": "3.14.0",
"versionType": "python"
},
{
"lessThan": "3.15.0",
"status": "affected",
"version": "3.15.0a1",
"versionType": "python"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Omar M. Hasan"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "User-controlled header names and values containing newlines can allow injecting HTTP headers."
}
],
"value": "User-controlled header names and values containing newlines can allow injecting HTTP headers."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T21:53:00.992Z",
"orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"shortName": "PSF"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/pull/143917"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/python/cpython/issues/143916"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "wsgiref.headers.Headers allows header newline injection",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"assignerShortName": "PSF",
"cveId": "CVE-2026-0865",
"datePublished": "2026-01-20T21:26:15.274Z",
"dateReserved": "2026-01-12T16:07:56.781Z",
"dateUpdated": "2026-02-03T21:53:00.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-0865\",\"sourceIdentifier\":\"cna@python.org\",\"published\":\"2026-01-20T22:15:52.800\",\"lastModified\":\"2026-01-26T15:05:23.427\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"User-controlled header names and values containing newlines can allow injecting HTTP headers.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@python.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"cna@python.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-74\"}]}],\"references\":[{\"url\":\"https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/issues/143916\",\"source\":\"cna@python.org\"},{\"url\":\"https://github.com/python/cpython/pull/143917\",\"source\":\"cna@python.org\"},{\"url\":\"https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/\",\"source\":\"cna@python.org\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-0865\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-21T15:40:22.223517Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-21T15:48:38.269Z\"}}], \"cna\": {\"title\": \"wsgiref.headers.Headers allows header newline injection\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Omar M. Hasan\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 5.9, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Python Software Foundation\", \"product\": \"CPython\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.13.12\", \"versionType\": \"python\"}, {\"status\": \"affected\", \"version\": \"3.14.0\", \"lessThan\": \"3.14.3\", \"versionType\": \"python\"}, {\"status\": \"affected\", \"version\": \"3.15.0a1\", \"lessThan\": \"3.15.0\", \"versionType\": \"python\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/python/cpython/pull/143917\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/python/cpython/issues/143916\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"User-controlled header names and values containing newlines can allow injecting HTTP headers.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"User-controlled header names and values containing newlines can allow injecting HTTP headers.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-74\", \"description\": \"CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"28c92f92-d60d-412d-b760-e73465c3df22\", \"shortName\": \"PSF\", \"dateUpdated\": \"2026-02-03T21:53:00.992Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-0865\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-03T21:53:00.992Z\", \"dateReserved\": \"2026-01-12T16:07:56.781Z\", \"assignerOrgId\": \"28c92f92-d60d-412d-b760-e73465c3df22\", \"datePublished\": \"2026-01-20T21:26:15.274Z\", \"assignerShortName\": \"PSF\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0067
Vulnerability from certfr_avis - Published: 2026-01-21 - Updated: 2026-01-21
De multiples vulnérabilités ont été découvertes dans CPython. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CPython sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "CPython",
"vendor": {
"name": "Python",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-15282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
},
{
"name": "CVE-2025-11468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
},
{
"name": "CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"name": "CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2026-0672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
}
],
"initial_release_date": "2026-01-21T00:00:00",
"last_revision_date": "2026-01-21T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0067",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-01-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans CPython. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Python",
"vendor_advisories": [
{
"published_at": "2026-01-20",
"title": "Bulletin de s\u00e9curit\u00e9 Python BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/"
},
{
"published_at": "2026-01-20",
"title": "Bulletin de s\u00e9curit\u00e9 Python X66HL7SISGJT33J53OHXMZT4DFLMHVKF",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/"
},
{
"published_at": "2026-01-20",
"title": "Bulletin de s\u00e9curit\u00e9 Python 6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/"
},
{
"published_at": "2026-01-20",
"title": "Bulletin de s\u00e9curit\u00e9 Python FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/"
},
{
"published_at": "2026-01-20",
"title": "Bulletin de s\u00e9curit\u00e9 Python CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/"
},
{
"published_at": "2026-01-20",
"title": "Bulletin de s\u00e9curit\u00e9 Python DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/"
}
]
}
OPENSUSE-SU-2026:10152-1
Vulnerability from csaf_opensuse - Published: 2026-02-05 00:00 - Updated: 2026-02-05 00:00Summary
python315-3.15.0~a3-4.1 on GA media
Notes
Title of the patch
python315-3.15.0~a3-4.1 on GA media
Description of the patch
These are all security issues fixed in the python315-3.15.0~a3-4.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2026-10152
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python315-3.15.0~a3-4.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python315-3.15.0~a3-4.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10152",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10152-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15282 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15366 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15366/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15367 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0865 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0865/"
}
],
"title": "python315-3.15.0~a3-4.1 on GA media",
"tracking": {
"current_release_date": "2026-02-05T00:00:00Z",
"generator": {
"date": "2026-02-05T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10152-1",
"initial_release_date": "2026-02-05T00:00:00Z",
"revision_history": [
{
"date": "2026-02-05T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python315-3.15.0~a3-4.1.aarch64",
"product": {
"name": "python315-3.15.0~a3-4.1.aarch64",
"product_id": "python315-3.15.0~a3-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-curses-3.15.0~a3-4.1.aarch64",
"product": {
"name": "python315-curses-3.15.0~a3-4.1.aarch64",
"product_id": "python315-curses-3.15.0~a3-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-dbm-3.15.0~a3-4.1.aarch64",
"product": {
"name": "python315-dbm-3.15.0~a3-4.1.aarch64",
"product_id": "python315-dbm-3.15.0~a3-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-idle-3.15.0~a3-4.1.aarch64",
"product": {
"name": "python315-idle-3.15.0~a3-4.1.aarch64",
"product_id": "python315-idle-3.15.0~a3-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-profiling-3.15.0~a3-4.1.aarch64",
"product": {
"name": "python315-profiling-3.15.0~a3-4.1.aarch64",
"product_id": "python315-profiling-3.15.0~a3-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-tk-3.15.0~a3-4.1.aarch64",
"product": {
"name": "python315-tk-3.15.0~a3-4.1.aarch64",
"product_id": "python315-tk-3.15.0~a3-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"product": {
"name": "python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"product_id": "python315-x86-64-v3-3.15.0~a3-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python315-3.15.0~a3-4.1.ppc64le",
"product": {
"name": "python315-3.15.0~a3-4.1.ppc64le",
"product_id": "python315-3.15.0~a3-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-curses-3.15.0~a3-4.1.ppc64le",
"product": {
"name": "python315-curses-3.15.0~a3-4.1.ppc64le",
"product_id": "python315-curses-3.15.0~a3-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-dbm-3.15.0~a3-4.1.ppc64le",
"product": {
"name": "python315-dbm-3.15.0~a3-4.1.ppc64le",
"product_id": "python315-dbm-3.15.0~a3-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-idle-3.15.0~a3-4.1.ppc64le",
"product": {
"name": "python315-idle-3.15.0~a3-4.1.ppc64le",
"product_id": "python315-idle-3.15.0~a3-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-profiling-3.15.0~a3-4.1.ppc64le",
"product": {
"name": "python315-profiling-3.15.0~a3-4.1.ppc64le",
"product_id": "python315-profiling-3.15.0~a3-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-tk-3.15.0~a3-4.1.ppc64le",
"product": {
"name": "python315-tk-3.15.0~a3-4.1.ppc64le",
"product_id": "python315-tk-3.15.0~a3-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"product": {
"name": "python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"product_id": "python315-x86-64-v3-3.15.0~a3-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python315-3.15.0~a3-4.1.s390x",
"product": {
"name": "python315-3.15.0~a3-4.1.s390x",
"product_id": "python315-3.15.0~a3-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-curses-3.15.0~a3-4.1.s390x",
"product": {
"name": "python315-curses-3.15.0~a3-4.1.s390x",
"product_id": "python315-curses-3.15.0~a3-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-dbm-3.15.0~a3-4.1.s390x",
"product": {
"name": "python315-dbm-3.15.0~a3-4.1.s390x",
"product_id": "python315-dbm-3.15.0~a3-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-idle-3.15.0~a3-4.1.s390x",
"product": {
"name": "python315-idle-3.15.0~a3-4.1.s390x",
"product_id": "python315-idle-3.15.0~a3-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-profiling-3.15.0~a3-4.1.s390x",
"product": {
"name": "python315-profiling-3.15.0~a3-4.1.s390x",
"product_id": "python315-profiling-3.15.0~a3-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-tk-3.15.0~a3-4.1.s390x",
"product": {
"name": "python315-tk-3.15.0~a3-4.1.s390x",
"product_id": "python315-tk-3.15.0~a3-4.1.s390x"
}
},
{
"category": "product_version",
"name": "python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"product": {
"name": "python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"product_id": "python315-x86-64-v3-3.15.0~a3-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python315-3.15.0~a3-4.1.x86_64",
"product": {
"name": "python315-3.15.0~a3-4.1.x86_64",
"product_id": "python315-3.15.0~a3-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-curses-3.15.0~a3-4.1.x86_64",
"product": {
"name": "python315-curses-3.15.0~a3-4.1.x86_64",
"product_id": "python315-curses-3.15.0~a3-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-dbm-3.15.0~a3-4.1.x86_64",
"product": {
"name": "python315-dbm-3.15.0~a3-4.1.x86_64",
"product_id": "python315-dbm-3.15.0~a3-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-idle-3.15.0~a3-4.1.x86_64",
"product": {
"name": "python315-idle-3.15.0~a3-4.1.x86_64",
"product_id": "python315-idle-3.15.0~a3-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-profiling-3.15.0~a3-4.1.x86_64",
"product": {
"name": "python315-profiling-3.15.0~a3-4.1.x86_64",
"product_id": "python315-profiling-3.15.0~a3-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-tk-3.15.0~a3-4.1.x86_64",
"product": {
"name": "python315-tk-3.15.0~a3-4.1.x86_64",
"product_id": "python315-tk-3.15.0~a3-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "python315-x86-64-v3-3.15.0~a3-4.1.x86_64",
"product": {
"name": "python315-x86-64-v3-3.15.0~a3-4.1.x86_64",
"product_id": "python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-3.15.0~a3-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64"
},
"product_reference": "python315-3.15.0~a3-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-3.15.0~a3-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le"
},
"product_reference": "python315-3.15.0~a3-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-3.15.0~a3-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x"
},
"product_reference": "python315-3.15.0~a3-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-3.15.0~a3-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64"
},
"product_reference": "python315-3.15.0~a3-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-curses-3.15.0~a3-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64"
},
"product_reference": "python315-curses-3.15.0~a3-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-curses-3.15.0~a3-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le"
},
"product_reference": "python315-curses-3.15.0~a3-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-curses-3.15.0~a3-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x"
},
"product_reference": "python315-curses-3.15.0~a3-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-curses-3.15.0~a3-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64"
},
"product_reference": "python315-curses-3.15.0~a3-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-dbm-3.15.0~a3-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64"
},
"product_reference": "python315-dbm-3.15.0~a3-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-dbm-3.15.0~a3-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le"
},
"product_reference": "python315-dbm-3.15.0~a3-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-dbm-3.15.0~a3-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x"
},
"product_reference": "python315-dbm-3.15.0~a3-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-dbm-3.15.0~a3-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64"
},
"product_reference": "python315-dbm-3.15.0~a3-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-idle-3.15.0~a3-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64"
},
"product_reference": "python315-idle-3.15.0~a3-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-idle-3.15.0~a3-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le"
},
"product_reference": "python315-idle-3.15.0~a3-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-idle-3.15.0~a3-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x"
},
"product_reference": "python315-idle-3.15.0~a3-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-idle-3.15.0~a3-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64"
},
"product_reference": "python315-idle-3.15.0~a3-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-profiling-3.15.0~a3-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64"
},
"product_reference": "python315-profiling-3.15.0~a3-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-profiling-3.15.0~a3-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le"
},
"product_reference": "python315-profiling-3.15.0~a3-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-profiling-3.15.0~a3-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x"
},
"product_reference": "python315-profiling-3.15.0~a3-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-profiling-3.15.0~a3-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64"
},
"product_reference": "python315-profiling-3.15.0~a3-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-tk-3.15.0~a3-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64"
},
"product_reference": "python315-tk-3.15.0~a3-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-tk-3.15.0~a3-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le"
},
"product_reference": "python315-tk-3.15.0~a3-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-tk-3.15.0~a3-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x"
},
"product_reference": "python315-tk-3.15.0~a3-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-tk-3.15.0~a3-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64"
},
"product_reference": "python315-tk-3.15.0~a3-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-x86-64-v3-3.15.0~a3-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64"
},
"product_reference": "python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-x86-64-v3-3.15.0~a3-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le"
},
"product_reference": "python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-x86-64-v3-3.15.0~a3-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x"
},
"product_reference": "python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python315-x86-64-v3-3.15.0~a3-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
},
"product_reference": "python315-x86-64-v3-3.15.0~a3-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12781"
}
],
"notes": [
{
"category": "general",
"text": "When passing data to the b64decode(), standard_b64decode(), and urlsafe_b64decode() functions in the \"base64\" module the characters \"+/\" will always be accepted, regardless of the value of \"altchars\" parameter, typically used to establish an \"alternative base64 alphabet\" such as the URL safe alphabet. This behavior matches what is recommended in earlier base64 RFCs, but newer RFCs now recommend either dropping characters outside the specified base64 alphabet or raising an error. The old behavior has the possibility of causing data integrity issues.\n\n\n\n\nThis behavior can only be insecure if your application uses an alternate base64 alphabet (without \"+/\"). If your application does not use the \"altchars\" parameter or the urlsafe_b64decode() function, then your application does not use an alternative base64 alphabet.\n\n\n\n\nThe attached patches DOES NOT make the base64-decode behavior raise an error, as this would be a change in behavior and break existing programs. Instead, the patch deprecates the behavior which will be replaced with the newly recommended behavior in a future version of Python. Users are recommended to mitigate by verifying user-controlled inputs match the base64 \nalphabet they are expecting or verify that their application would not be \naffected if the b64decode() functions accepted \"+\" or \"/\" outside of altchars.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12781",
"url": "https://www.suse.com/security/cve/CVE-2025-12781"
},
{
"category": "external",
"summary": "SUSE Bug 1257108 for CVE-2025-12781",
"url": "https://bugzilla.suse.com/1257108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-05T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-12781"
},
{
"cve": "CVE-2025-15282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15282"
}
],
"notes": [
{
"category": "general",
"text": "User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15282",
"url": "https://www.suse.com/security/cve/CVE-2025-15282"
},
{
"category": "external",
"summary": "SUSE Bug 1257046 for CVE-2025-15282",
"url": "https://bugzilla.suse.com/1257046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-05T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-15282"
},
{
"cve": "CVE-2025-15366",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15366"
}
],
"notes": [
{
"category": "general",
"text": "The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15366",
"url": "https://www.suse.com/security/cve/CVE-2025-15366"
},
{
"category": "external",
"summary": "SUSE Bug 1257044 for CVE-2025-15366",
"url": "https://bugzilla.suse.com/1257044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-05T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-15366"
},
{
"cve": "CVE-2025-15367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15367"
}
],
"notes": [
{
"category": "general",
"text": "The poplib module, when passed a user-controlled command, can have\nadditional commands injected using newlines. Mitigation rejects commands\ncontaining control characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15367",
"url": "https://www.suse.com/security/cve/CVE-2025-15367"
},
{
"category": "external",
"summary": "SUSE Bug 1257041 for CVE-2025-15367",
"url": "https://bugzilla.suse.com/1257041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-05T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-15367"
},
{
"cve": "CVE-2026-0865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0865"
}
],
"notes": [
{
"category": "general",
"text": "User-controlled header names and values containing newlines can allow injecting HTTP headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0865",
"url": "https://www.suse.com/security/cve/CVE-2026-0865"
},
{
"category": "external",
"summary": "SUSE Bug 1257042 for CVE-2026-0865",
"url": "https://bugzilla.suse.com/1257042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-curses-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-dbm-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-idle-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-profiling-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-tk-3.15.0~a3-4.1.x86_64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.aarch64",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.ppc64le",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.s390x",
"openSUSE Tumbleweed:python315-x86-64-v3-3.15.0~a3-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-05T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-0865"
}
]
}
bit-python-2026-0865
Vulnerability from bitnami_vulndb
Published
2026-01-26 14:50
Modified
2026-01-26 15:09
Summary
wsgiref.headers.Headers allows header newline injection
Details
User-controlled header names and values containing newlines can allow injecting HTTP headers.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "python",
"purl": "pkg:bitnami/python"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15.0"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
],
"aliases": [
"CVE-2026-0865"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "User-controlled header names and values containing newlines can allow injecting HTTP headers.",
"id": "BIT-python-2026-0865",
"modified": "2026-01-26T15:09:56.435Z",
"published": "2026-01-26T14:50:04.789Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/issues/143916"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/pull/143917"
},
{
"type": "WEB",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0865"
}
],
"schema_version": "1.6.2",
"summary": "wsgiref.headers.Headers allows header newline injection"
}
bit-libpython-2026-0865
Vulnerability from bitnami_vulndb
Published
2026-01-26 14:43
Modified
2026-01-26 15:09
Summary
wsgiref.headers.Headers allows header newline injection
Details
User-controlled header names and values containing newlines can allow injecting HTTP headers.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "libpython",
"purl": "pkg:bitnami/libpython"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15.0"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
],
"aliases": [
"CVE-2026-0865"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "User-controlled header names and values containing newlines can allow injecting HTTP headers.",
"id": "BIT-libpython-2026-0865",
"modified": "2026-01-26T15:09:56.435Z",
"published": "2026-01-26T14:43:33.890Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/issues/143916"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/pull/143917"
},
{
"type": "WEB",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0865"
}
],
"schema_version": "1.6.2",
"summary": "wsgiref.headers.Headers allows header newline injection"
}
RHSA-2026:2128
Vulnerability from csaf_redhat - Published: 2026-02-05 15:48 - Updated: 2026-02-10 12:29Summary
Red Hat Security Advisory: python3 security update
Notes
Topic
An update for python3 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* cpython: wsgiref.headers.Headers allows header newline injection in Python (CVE-2026-0865)
* cpython: IMAP command injection in user-controlled commands (CVE-2025-15366)
* cpython: POP3 command injection in user-controlled commands (CVE-2025-15367)
* cpython: email header injection due to unquoted newlines (CVE-2026-1299)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python3 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* cpython: wsgiref.headers.Headers allows header newline injection in Python (CVE-2026-0865)\n\n* cpython: IMAP command injection in user-controlled commands (CVE-2025-15366)\n\n* cpython: POP3 command injection in user-controlled commands (CVE-2025-15367)\n\n* cpython: email header injection due to unquoted newlines (CVE-2026-1299)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2128",
"url": "https://access.redhat.com/errata/RHSA-2026:2128"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2431367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431367"
},
{
"category": "external",
"summary": "2431368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431368"
},
{
"category": "external",
"summary": "2431373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431373"
},
{
"category": "external",
"summary": "2432437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432437"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2128.json"
}
],
"title": "Red Hat Security Advisory: python3 security update",
"tracking": {
"current_release_date": "2026-02-10T12:29:53+00:00",
"generator": {
"date": "2026-02-10T12:29:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:2128",
"initial_release_date": "2026-02-05T15:48:06+00:00",
"revision_history": [
{
"date": "2026-02-05T15:48:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-05T15:48:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-10T12:29:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "platform-python-0:3.6.8-73.el8_10.i686",
"product": {
"name": "platform-python-0:3.6.8-73.el8_10.i686",
"product_id": "platform-python-0:3.6.8-73.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python@3.6.8-73.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "platform-python-debug-0:3.6.8-73.el8_10.i686",
"product": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.i686",
"product_id": "platform-python-debug-0:3.6.8-73.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-73.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "platform-python-devel-0:3.6.8-73.el8_10.i686",
"product": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.i686",
"product_id": "platform-python-devel-0:3.6.8-73.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-73.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-idle-0:3.6.8-73.el8_10.i686",
"product": {
"name": "python3-idle-0:3.6.8-73.el8_10.i686",
"product_id": "python3-idle-0:3.6.8-73.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-idle@3.6.8-73.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-test-0:3.6.8-73.el8_10.i686",
"product": {
"name": "python3-test-0:3.6.8-73.el8_10.i686",
"product_id": "python3-test-0:3.6.8-73.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-test@3.6.8-73.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-tkinter-0:3.6.8-73.el8_10.i686",
"product": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.i686",
"product_id": "python3-tkinter-0:3.6.8-73.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-73.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-debugsource-0:3.6.8-73.el8_10.i686",
"product": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.i686",
"product_id": "python3-debugsource-0:3.6.8-73.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-73.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-debuginfo-0:3.6.8-73.el8_10.i686",
"product": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.i686",
"product_id": "python3-debuginfo-0:3.6.8-73.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-73.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libs-0:3.6.8-73.el8_10.i686",
"product": {
"name": "python3-libs-0:3.6.8-73.el8_10.i686",
"product_id": "python3-libs-0:3.6.8-73.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libs@3.6.8-73.el8_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"product": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"product_id": "platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-73.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"product": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"product_id": "platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-73.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-idle-0:3.6.8-73.el8_10.x86_64",
"product": {
"name": "python3-idle-0:3.6.8-73.el8_10.x86_64",
"product_id": "python3-idle-0:3.6.8-73.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-idle@3.6.8-73.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"product": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"product_id": "python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-73.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"product": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"product_id": "python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-73.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"product": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"product_id": "python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-73.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "platform-python-0:3.6.8-73.el8_10.x86_64",
"product": {
"name": "platform-python-0:3.6.8-73.el8_10.x86_64",
"product_id": "platform-python-0:3.6.8-73.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python@3.6.8-73.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libs-0:3.6.8-73.el8_10.x86_64",
"product": {
"name": "python3-libs-0:3.6.8-73.el8_10.x86_64",
"product_id": "python3-libs-0:3.6.8-73.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libs@3.6.8-73.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-test-0:3.6.8-73.el8_10.x86_64",
"product": {
"name": "python3-test-0:3.6.8-73.el8_10.x86_64",
"product_id": "python3-test-0:3.6.8-73.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-test@3.6.8-73.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"product": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"product_id": "platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-73.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"product": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"product_id": "platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-73.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-idle-0:3.6.8-73.el8_10.aarch64",
"product": {
"name": "python3-idle-0:3.6.8-73.el8_10.aarch64",
"product_id": "python3-idle-0:3.6.8-73.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-idle@3.6.8-73.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"product": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"product_id": "python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-73.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"product": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"product_id": "python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-73.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"product": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"product_id": "python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-73.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "platform-python-0:3.6.8-73.el8_10.aarch64",
"product": {
"name": "platform-python-0:3.6.8-73.el8_10.aarch64",
"product_id": "platform-python-0:3.6.8-73.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python@3.6.8-73.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libs-0:3.6.8-73.el8_10.aarch64",
"product": {
"name": "python3-libs-0:3.6.8-73.el8_10.aarch64",
"product_id": "python3-libs-0:3.6.8-73.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libs@3.6.8-73.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-test-0:3.6.8-73.el8_10.aarch64",
"product": {
"name": "python3-test-0:3.6.8-73.el8_10.aarch64",
"product_id": "python3-test-0:3.6.8-73.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-test@3.6.8-73.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"product": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"product_id": "platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-73.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"product": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"product_id": "platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-73.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-idle-0:3.6.8-73.el8_10.ppc64le",
"product": {
"name": "python3-idle-0:3.6.8-73.el8_10.ppc64le",
"product_id": "python3-idle-0:3.6.8-73.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-idle@3.6.8-73.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"product": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"product_id": "python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-73.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"product": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"product_id": "python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-73.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"product": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"product_id": "python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-73.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "platform-python-0:3.6.8-73.el8_10.ppc64le",
"product": {
"name": "platform-python-0:3.6.8-73.el8_10.ppc64le",
"product_id": "platform-python-0:3.6.8-73.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python@3.6.8-73.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libs-0:3.6.8-73.el8_10.ppc64le",
"product": {
"name": "python3-libs-0:3.6.8-73.el8_10.ppc64le",
"product_id": "python3-libs-0:3.6.8-73.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libs@3.6.8-73.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-test-0:3.6.8-73.el8_10.ppc64le",
"product": {
"name": "python3-test-0:3.6.8-73.el8_10.ppc64le",
"product_id": "python3-test-0:3.6.8-73.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-test@3.6.8-73.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "platform-python-debug-0:3.6.8-73.el8_10.s390x",
"product": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.s390x",
"product_id": "platform-python-debug-0:3.6.8-73.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-73.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "platform-python-devel-0:3.6.8-73.el8_10.s390x",
"product": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.s390x",
"product_id": "platform-python-devel-0:3.6.8-73.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-73.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-idle-0:3.6.8-73.el8_10.s390x",
"product": {
"name": "python3-idle-0:3.6.8-73.el8_10.s390x",
"product_id": "python3-idle-0:3.6.8-73.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-idle@3.6.8-73.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-tkinter-0:3.6.8-73.el8_10.s390x",
"product": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.s390x",
"product_id": "python3-tkinter-0:3.6.8-73.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-73.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-debugsource-0:3.6.8-73.el8_10.s390x",
"product": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.s390x",
"product_id": "python3-debugsource-0:3.6.8-73.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-73.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"product": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"product_id": "python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-73.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "platform-python-0:3.6.8-73.el8_10.s390x",
"product": {
"name": "platform-python-0:3.6.8-73.el8_10.s390x",
"product_id": "platform-python-0:3.6.8-73.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/platform-python@3.6.8-73.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libs-0:3.6.8-73.el8_10.s390x",
"product": {
"name": "python3-libs-0:3.6.8-73.el8_10.s390x",
"product_id": "python3-libs-0:3.6.8-73.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libs@3.6.8-73.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-test-0:3.6.8-73.el8_10.s390x",
"product": {
"name": "python3-test-0:3.6.8-73.el8_10.s390x",
"product_id": "python3-test-0:3.6.8-73.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-test@3.6.8-73.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-0:3.6.8-73.el8_10.src",
"product": {
"name": "python3-0:3.6.8-73.el8_10.src",
"product_id": "python3-0:3.6.8-73.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3@3.6.8-73.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-0:3.6.8-73.el8_10.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src"
},
"product_reference": "python3-0:3.6.8-73.el8_10.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "platform-python-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-debug-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "platform-python-devel-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-0:3.6.8-73.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src"
},
"product_reference": "python3-0:3.6.8-73.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debuginfo-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-debugsource-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-idle-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libs-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-libs-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-test-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-test-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tkinter-0:3.6.8-73.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
},
"product_reference": "python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-15366",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2026-01-20T22:01:33.257688+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431368"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: IMAP command injection in user-controlled commands",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to have the privileges required to send malicious input to an application that sends IMAP commands to a server. Additionally, this flaw can allow attackers to manipulate the state of the mailbox (e.g., delete emails, move folders, flag messages) and to potentially read metadata or specific email content, but it does not allow arbitrary code execution or OS command injection. Due to these reasons, this issue has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15366"
},
{
"category": "external",
"summary": "RHBZ#2431368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431368"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15366"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/143921",
"url": "https://github.com/python/cpython/issues/143921"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/143922",
"url": "https://github.com/python/cpython/pull/143922"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/"
}
],
"release_date": "2026-01-20T21:40:24.938000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T15:48:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2128"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, ensure that no data passed to the imaplib module contains newline or carriage return characters.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: IMAP command injection in user-controlled commands"
},
{
"cve": "CVE-2025-15367",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2026-01-20T22:02:09.399038+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431373"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: POP3 command injection in user-controlled commands",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to have the privileges required to send malicious input to an application that sends POP3 commands to a server. Additionally, this flaw can allow attackers to manipulate the state of the mailbox (e.g., delete emails) and to potentially read metadata or specific email content, but it does not allow arbitrary code execution or OS command injection. Due to these reasons, this issue has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15367"
},
{
"category": "external",
"summary": "RHBZ#2431373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15367",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15367"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/143923",
"url": "https://github.com/python/cpython/issues/143923"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/143924",
"url": "https://github.com/python/cpython/pull/143924"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/"
}
],
"release_date": "2026-01-20T21:47:09.885000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T15:48:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2128"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, ensure that no data passed to the poplib module contains newline or carriage return characters.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: POP3 command injection in user-controlled commands"
},
{
"cve": "CVE-2026-0865",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2026-01-20T22:01:26.694713+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431367"
}
],
"notes": [
{
"category": "description",
"text": "User-controlled header names and values containing newlines can allow injecting HTTP headers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: wsgiref.headers.Headers allows header newline injection in Python",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0865"
},
{
"category": "external",
"summary": "RHBZ#2431367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0865",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0865"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/143916",
"url": "https://github.com/python/cpython/issues/143916"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/143917",
"url": "https://github.com/python/cpython/pull/143917"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/"
}
],
"release_date": "2026-01-20T21:26:15.274000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T15:48:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: wsgiref.headers.Headers allows header newline injection in Python"
},
{
"cve": "CVE-2026-1299",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-01-23T17:02:57.343486+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2432437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules, allowing an attacker to inject email headers and potentially modify message recipients or the email body, and spoof sender information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: email header injection due to unquoted newlines",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue can only be exploitable by Python applications using the LiteralHeader class to write email headers, as it does not respect email folding rules. Additionally, this issue allows attackers to modify message recipients or the email body and spoof sender identity but it does not cause memory corruption or arbitrary code execution. Due to these reasons, this vulnerability has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1299"
},
{
"category": "external",
"summary": "RHBZ#2432437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1299",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1299"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1299",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1299"
},
{
"category": "external",
"summary": "https://cve.org/CVERecord?id=CVE-2024-6923",
"url": "https://cve.org/CVERecord?id=CVE-2024-6923"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413",
"url": "https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/144125",
"url": "https://github.com/python/cpython/issues/144125"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/144126",
"url": "https://github.com/python/cpython/pull/144126"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/"
}
],
"release_date": "2026-01-23T16:27:13.346000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T15:48:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2128"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications accepting user-supplied data for email headers should sanitize the input by stripping or rejecting any strings containing carriage return or line feed characters, \u0027\\r\u0027 or \u0027\\n\u0027, respectively, preventing malicious sequences that could lead to header manipulation.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-debug-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:platform-python-devel-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-0:3.6.8-73.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debuginfo-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-debugsource-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-idle-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libs-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-test-0:3.6.8-73.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-tkinter-0:3.6.8-73.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: email header injection due to unquoted newlines"
}
]
}
GHSA-5MC7-P6PJ-R3F5
Vulnerability from github – Published: 2026-01-21 00:31 – Updated: 2026-01-21 00:31
VLAI?
Details
User-controlled header names and values containing newlines can allow injecting HTTP headers.
Severity ?
{
"affected": [],
"aliases": [
"CVE-2026-0865"
],
"database_specific": {
"cwe_ids": [
"CWE-74"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-20T22:15:52Z",
"severity": "MODERATE"
},
"details": "User-controlled header names and values containing newlines can allow injecting HTTP headers.",
"id": "GHSA-5mc7-p6pj-r3f5",
"modified": "2026-01-21T00:31:42Z",
"published": "2026-01-21T00:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0865"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/issues/143916"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/pull/143917"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995"
},
{
"type": "WEB",
"url": "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211"
},
{
"type": "WEB",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
FKIE_CVE-2026-0865
Vulnerability from fkie_nvd - Published: 2026-01-20 22:15 - Updated: 2026-01-26 15:05
Severity ?
Summary
User-controlled header names and values containing newlines can allow injecting HTTP headers.
References
| URL | Tags | ||
|---|---|---|---|
| cna@python.org | https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58 | ||
| cna@python.org | https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510 | ||
| cna@python.org | https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2 | ||
| cna@python.org | https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5 | ||
| cna@python.org | https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995 | ||
| cna@python.org | https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211 | ||
| cna@python.org | https://github.com/python/cpython/issues/143916 | ||
| cna@python.org | https://github.com/python/cpython/pull/143917 | ||
| cna@python.org | https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/ |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "User-controlled header names and values containing newlines can allow injecting HTTP headers."
}
],
"id": "CVE-2026-0865",
"lastModified": "2026-01-26T15:05:23.427",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@python.org",
"type": "Secondary"
}
]
},
"published": "2026-01-20T22:15:52.800",
"references": [
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/issues/143916"
},
{
"source": "cna@python.org",
"url": "https://github.com/python/cpython/pull/143917"
},
{
"source": "cna@python.org",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/"
}
],
"sourceIdentifier": "cna@python.org",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "cna@python.org",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…