Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye

Type deb

Namespace debian

Name python3.9

Version 3.9.2-1+deb11u5

Qualifiers

distro	bullseye

Subpath

Is_vulnerable false

Next_non_vulnerable_version 3.9.2-1+deb11u6

Latest_non_vulnerable_version 3.9.2-1+deb11u6

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-39e1-7qrc-53av

vulnerability_id VCID-39e1-7qrc-53av

summary cpython: IMAP command injection in user-controlled commands

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15366.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15366.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-15366

reference_id

reference_type

scores

value	0.00081
scoring_system	epss
scoring_elements	0.23923
published_at	2026-04-02T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23796
published_at	2026-04-16T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23964
published_at	2026-04-04T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23752
published_at	2026-04-07T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23823
published_at	2026-04-08T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.2387
published_at	2026-04-09T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23885
published_at	2026-04-11T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23841
published_at	2026-04-12T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23784
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-15366

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/issues/143921

reference_id

143921

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:32Z/

url

https://github.com/python/cpython/issues/143921

reference_url

https://github.com/python/cpython/pull/143922

reference_id

143922

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:32Z/

url

https://github.com/python/cpython/pull/143922

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2431368
reference_id	2431368
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2431368

reference_url

https://github.com/python/cpython/commit/6262704b134db2a4ba12e85ecfbd968534f28b45

reference_id

6262704b134db2a4ba12e85ecfbd968534f28b45

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:32Z/

url

https://github.com/python/cpython/commit/6262704b134db2a4ba12e85ecfbd968534f28b45

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/

reference_id

DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:32Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/

reference_url	https://access.redhat.com/errata/RHSA-2026:2128
reference_id	RHSA-2026:2128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2128

reference_url	https://access.redhat.com/errata/RHSA-2026:4165
reference_id	RHSA-2026:4165
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4165

reference_url	https://access.redhat.com/errata/RHSA-2026:4168
reference_id	RHSA-2026:4168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4168

reference_url	https://access.redhat.com/errata/RHSA-2026:4216
reference_id	RHSA-2026:4216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4216

reference_url	https://access.redhat.com/errata/RHSA-2026:4463
reference_id	RHSA-2026:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4463

reference_url	https://access.redhat.com/errata/RHSA-2026:4473
reference_id	RHSA-2026:4473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4473

reference_url	https://access.redhat.com/errata/RHSA-2026:4713
reference_id	RHSA-2026:4713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4713

reference_url	https://access.redhat.com/errata/RHSA-2026:4746
reference_id	RHSA-2026:4746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4746

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://access.redhat.com/errata/RHSA-2026:5152
reference_id	RHSA-2026:5152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5152

reference_url	https://access.redhat.com/errata/RHSA-2026:5215
reference_id	RHSA-2026:5215
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5215

reference_url	https://access.redhat.com/errata/RHSA-2026:5216
reference_id	RHSA-2026:5216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5216

reference_url	https://access.redhat.com/errata/RHSA-2026:5218
reference_id	RHSA-2026:5218
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5218

reference_url	https://access.redhat.com/errata/RHSA-2026:5219
reference_id	RHSA-2026:5219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5219

reference_url	https://access.redhat.com/errata/RHSA-2026:5221
reference_id	RHSA-2026:5221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5221

reference_url	https://access.redhat.com/errata/RHSA-2026:5223
reference_id	RHSA-2026:5223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5223

reference_url	https://access.redhat.com/errata/RHSA-2026:5225
reference_id	RHSA-2026:5225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5225

reference_url	https://access.redhat.com/errata/RHSA-2026:5226
reference_id	RHSA-2026:5226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5226

reference_url	https://access.redhat.com/errata/RHSA-2026:5315
reference_id	RHSA-2026:5315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5315

reference_url	https://access.redhat.com/errata/RHSA-2026:5393
reference_id	RHSA-2026:5393
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5393

reference_url	https://access.redhat.com/errata/RHSA-2026:5399
reference_id	RHSA-2026:5399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5399

reference_url	https://access.redhat.com/errata/RHSA-2026:5606
reference_id	RHSA-2026:5606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5606

reference_url	https://access.redhat.com/errata/RHSA-2026:6007
reference_id	RHSA-2026:6007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6007

reference_url	https://access.redhat.com/errata/RHSA-2026:6008
reference_id	RHSA-2026:6008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6008

reference_url	https://access.redhat.com/errata/RHSA-2026:6253
reference_id	RHSA-2026:6253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6253

reference_url	https://access.redhat.com/errata/RHSA-2026:6464
reference_id	RHSA-2026:6464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6464

reference_url	https://access.redhat.com/errata/RHSA-2026:7329
reference_id	RHSA-2026:7329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7329

reference_url	https://access.redhat.com/errata/RHSA-2026:8746
reference_id	RHSA-2026:8746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8746

reference_url	https://access.redhat.com/errata/RHSA-2026:8747
reference_id	RHSA-2026:8747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8747

reference_url	https://access.redhat.com/errata/RHSA-2026:8748
reference_id	RHSA-2026:8748
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8748

reference_url	https://usn.ubuntu.com/8018-1/
reference_id	USN-8018-1
reference_type
scores
url	https://usn.ubuntu.com/8018-1/

reference_url	https://usn.ubuntu.com/8018-2/
reference_id	USN-8018-2
reference_type
scores
url	https://usn.ubuntu.com/8018-2/

fixed_packages

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u5%3Fdistro=bullseye

aliases CVE-2025-15366

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-39e1-7qrc-53av

url VCID-8b19-pezx-6bcd

vulnerability_id VCID-8b19-pezx-6bcd

summary cpython: wsgiref.headers.Headers allows header newline injection in Python

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0865.json

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0865.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-0865

reference_id

reference_type

scores

value	0.00132
scoring_system	epss
scoring_elements	0.32822
published_at	2026-04-02T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32709
published_at	2026-04-18T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32731
published_at	2026-04-16T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32692
published_at	2026-04-13T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32719
published_at	2026-04-12T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32755
published_at	2026-04-11T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32753
published_at	2026-04-09T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32679
published_at	2026-04-07T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32727
published_at	2026-04-08T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32858
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-0865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126739
reference_id	1126739
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126739

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126740
reference_id	1126740
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126740

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126741
reference_id	1126741
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126741

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126742
reference_id	1126742
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126742

reference_url

https://github.com/python/cpython/issues/143916

reference_id

143916

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/issues/143916

reference_url

https://github.com/python/cpython/pull/143917

reference_id

143917

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/pull/143917

reference_url

https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58

reference_id

22e4d55285cee52bc4dbe061324e5f30bd4dee58

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58

reference_url

https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510

reference_id

23e3c0ae867cca0130e441e776c9955b9027c510

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2431367
reference_id	2431367
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2431367

reference_url

https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f

reference_id

286e3ac39984fe85a17f4ab39c64d382137aae5f

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f

reference_url

https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2

reference_id

2f840249550e082dc351743f474ba56da10478d2

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2

reference_url

https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5

reference_id

4802b96a2cde58570c24c13ef3289490980961c5

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5

reference_url

https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6

reference_id

66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6

reference_url

https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff

reference_id

83ecd18779f286d872f68bfce175651e407d9fff

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff

reference_url

https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97

reference_id

8bb044d29310bb05d15086cdaa8bf64867d61a97

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97

reference_url

https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf

reference_id

bfba660085767f8c2d582134e9d511a85eda04cf

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/

reference_id

BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/

reference_url

https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219

reference_id

c592227ffb48679af9845a45dbb0875d975bb219

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219

reference_url

https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995

reference_id

e4846a93ac07a8ae9aa18203af0dd13d6e7a6995

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995

reference_url

https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211

reference_id

f7fceed79ca1bceae8dbe5ba5bc8928564da7211

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/

url

https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211

reference_url	https://access.redhat.com/errata/RHSA-2026:2128
reference_id	RHSA-2026:2128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2128

reference_url	https://access.redhat.com/errata/RHSA-2026:4168
reference_id	RHSA-2026:4168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4168

reference_url	https://access.redhat.com/errata/RHSA-2026:4463
reference_id	RHSA-2026:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4463

reference_url	https://access.redhat.com/errata/RHSA-2026:4473
reference_id	RHSA-2026:4473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4473

reference_url	https://access.redhat.com/errata/RHSA-2026:4713
reference_id	RHSA-2026:4713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4713

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://access.redhat.com/errata/RHSA-2026:5606
reference_id	RHSA-2026:5606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5606

reference_url	https://access.redhat.com/errata/RHSA-2026:6253
reference_id	RHSA-2026:6253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6253

reference_url	https://usn.ubuntu.com/8018-1/
reference_id	USN-8018-1
reference_type
scores
url	https://usn.ubuntu.com/8018-1/

reference_url	https://usn.ubuntu.com/8018-2/
reference_id	USN-8018-2
reference_type
scores
url	https://usn.ubuntu.com/8018-2/

reference_url	https://usn.ubuntu.com/8018-3/
reference_id	USN-8018-3
reference_type
scores
url	https://usn.ubuntu.com/8018-3/

fixed_packages

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u5%3Fdistro=bullseye

aliases CVE-2026-0865

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8b19-pezx-6bcd

url VCID-94n7-6q4s-3udv

vulnerability_id VCID-94n7-6q4s-3udv

summary cpython: Header injection via newlines in data URL mediatype in Python

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15282.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15282.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-15282

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13681
published_at	2026-04-02T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13472
published_at	2026-04-18T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13742
published_at	2026-04-04T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13544
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13624
published_at	2026-04-08T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13676
published_at	2026-04-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13646
published_at	2026-04-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13609
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13561
published_at	2026-04-13T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13476
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-15282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15282
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15282

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0

reference_id

05356b1cc153108aaf27f3b72ce438af4aa218c0

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/

url

https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126779
reference_id	1126779
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126779

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126780
reference_id	1126780
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126780

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126781
reference_id	1126781
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126781

reference_url

https://github.com/python/cpython/issues/143925

reference_id

143925

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/

url

https://github.com/python/cpython/issues/143925

reference_url

https://github.com/python/cpython/pull/143926

reference_id

143926

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/

url

https://github.com/python/cpython/pull/143926

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2431366
reference_id	2431366
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2431366

reference_url

https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38

reference_id

34d76b00dabde81a793bd06dd8ecb057838c4b38

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/

url

https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38

reference_url

https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80

reference_id

3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/

url

https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80

reference_url

https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47

reference_id

4ed11d3cd288e6b90196a15c5a825a45d318fe47

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/

url

https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47

reference_url

https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a

reference_id

a35ca3be5842505dab74dc0b90b89cde0405017a

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/

url

https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a

reference_url

https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f

reference_id

f25509e78e8be6ea73c811ac2b8c928c28841b9f

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/

url

https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f

reference_url	https://usn.ubuntu.com/8018-1/
reference_id	USN-8018-1
reference_type
scores
url	https://usn.ubuntu.com/8018-1/

reference_url	https://usn.ubuntu.com/8018-3/
reference_id	USN-8018-3
reference_type
scores
url	https://usn.ubuntu.com/8018-3/

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/

reference_id

X66HL7SISGJT33J53OHXMZT4DFLMHVKF

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/

fixed_packages

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u5%3Fdistro=bullseye

aliases CVE-2025-15282

risk_score 2.7

exploitability 0.5

weighted_severity 5.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-94n7-6q4s-3udv

url VCID-bn83-d2qp-9bfy

vulnerability_id VCID-bn83-d2qp-9bfy

summary cpython: Missing character filtering in Python

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-11468

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.11821
published_at	2026-04-02T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11595
published_at	2026-04-18T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11863
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11649
published_at	2026-04-07T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11734
published_at	2026-04-08T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11787
published_at	2026-04-09T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11797
published_at	2026-04-11T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11759
published_at	2026-04-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11733
published_at	2026-04-13T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11597
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-11468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094

reference_id

003b8315669b9f08b1010a49071f73f15f818094

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786
reference_id	1126786
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787
reference_id	1126787
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788
reference_id	1126788
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788

reference_url

https://github.com/python/cpython/issues/143935

reference_id

143935

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/issues/143935

reference_url

https://github.com/python/cpython/pull/143936

reference_id

143936

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/pull/143936

reference_url

https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2

reference_id

17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2431375
reference_id	2431375
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2431375

reference_url

https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6

reference_id

61614a5e5056e4f61ced65008d4576f3df34acb6

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6

reference_url

https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66

reference_id

a76e4cd62dd68e7cbe86e37e6ed988495a646b66

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66

reference_url

https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0

reference_id

e9970f077240c7c670e8a6fc6662f2b30d3b6ad0

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0

reference_url

https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796

reference_id

f738386838021c762efea6c9802c82de65e87796

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/

reference_id

FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/

reference_url	https://usn.ubuntu.com/8018-1/
reference_id	USN-8018-1
reference_type
scores
url	https://usn.ubuntu.com/8018-1/

fixed_packages

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u5%3Fdistro=bullseye

aliases CVE-2025-11468

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bn83-d2qp-9bfy

url VCID-kn9b-2gxw-gqgx

vulnerability_id VCID-kn9b-2gxw-gqgx

summary cpython: email header injection due to unquoted newlines

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1299.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1299.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-1299

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13681
published_at	2026-04-02T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13472
published_at	2026-04-18T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13742
published_at	2026-04-04T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13544
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13624
published_at	2026-04-08T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13676
published_at	2026-04-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13646
published_at	2026-04-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13609
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13561
published_at	2026-04-13T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13476
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-1299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413

reference_id

052e55e7d44718fe46cbba0ca995cb8fcc359413

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413

reference_url

https://github.com/python/cpython/commit/0a925ab591c45d6638f37b5e57796f36fa0e56d8

reference_id

0a925ab591c45d6638f37b5e57796f36fa0e56d8

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://github.com/python/cpython/commit/0a925ab591c45d6638f37b5e57796f36fa0e56d8

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126744
reference_id	1126744
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126744

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126745
reference_id	1126745
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126745

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126746
reference_id	1126746
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126746

reference_url

https://github.com/python/cpython/issues/144125

reference_id

144125

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://github.com/python/cpython/issues/144125

reference_url

https://github.com/python/cpython/pull/144126

reference_id

144126

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://github.com/python/cpython/pull/144126

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2432437
reference_id	2432437
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2432437

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/

reference_id

6ZZULGALJTITEAGEXLDJE2C6FORDXPBT

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/

reference_url

https://github.com/python/cpython/commit/7877fe424415bc4a13045e62a90a7277413d8cb9

reference_id

7877fe424415bc4a13045e62a90a7277413d8cb9

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://github.com/python/cpython/commit/7877fe424415bc4a13045e62a90a7277413d8cb9

reference_url

https://github.com/python/cpython/commit/842ce19a0c0b58d61591e8f6a708c38db1fb94e4

reference_id

842ce19a0c0b58d61591e8f6a708c38db1fb94e4

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://github.com/python/cpython/commit/842ce19a0c0b58d61591e8f6a708c38db1fb94e4

reference_url

https://github.com/python/cpython/commit/8cdf6204f4ae821f32993f8fc6bad0d318f95f36

reference_id

8cdf6204f4ae821f32993f8fc6bad0d318f95f36

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://github.com/python/cpython/commit/8cdf6204f4ae821f32993f8fc6bad0d318f95f36

reference_url

https://cve.org/CVERecord?id=CVE-2024-6923

reference_id

CVERecord?id=CVE-2024-6923

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://cve.org/CVERecord?id=CVE-2024-6923

reference_url

https://github.com/python/cpython/commit/e417f05ad77a4c30ddc07f99e90fc0cef43e831a

reference_id

e417f05ad77a4c30ddc07f99e90fc0cef43e831a

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/

url

https://github.com/python/cpython/commit/e417f05ad77a4c30ddc07f99e90fc0cef43e831a

reference_url	https://access.redhat.com/errata/RHSA-2026:2128
reference_id	RHSA-2026:2128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2128

reference_url	https://access.redhat.com/errata/RHSA-2026:4165
reference_id	RHSA-2026:4165
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4165

reference_url	https://access.redhat.com/errata/RHSA-2026:4168
reference_id	RHSA-2026:4168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4168

reference_url	https://access.redhat.com/errata/RHSA-2026:4216
reference_id	RHSA-2026:4216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4216

reference_url	https://access.redhat.com/errata/RHSA-2026:4463
reference_id	RHSA-2026:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4463

reference_url	https://access.redhat.com/errata/RHSA-2026:4473
reference_id	RHSA-2026:4473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4473

reference_url	https://access.redhat.com/errata/RHSA-2026:4713
reference_id	RHSA-2026:4713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4713

reference_url	https://access.redhat.com/errata/RHSA-2026:4746
reference_id	RHSA-2026:4746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4746

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://access.redhat.com/errata/RHSA-2026:5152
reference_id	RHSA-2026:5152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5152

reference_url	https://access.redhat.com/errata/RHSA-2026:5215
reference_id	RHSA-2026:5215
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5215

reference_url	https://access.redhat.com/errata/RHSA-2026:5216
reference_id	RHSA-2026:5216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5216

reference_url	https://access.redhat.com/errata/RHSA-2026:5218
reference_id	RHSA-2026:5218
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5218

reference_url	https://access.redhat.com/errata/RHSA-2026:5219
reference_id	RHSA-2026:5219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5219

reference_url	https://access.redhat.com/errata/RHSA-2026:5221
reference_id	RHSA-2026:5221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5221

reference_url	https://access.redhat.com/errata/RHSA-2026:5223
reference_id	RHSA-2026:5223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5223

reference_url	https://access.redhat.com/errata/RHSA-2026:5225
reference_id	RHSA-2026:5225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5225

reference_url	https://access.redhat.com/errata/RHSA-2026:5226
reference_id	RHSA-2026:5226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5226

reference_url	https://access.redhat.com/errata/RHSA-2026:5315
reference_id	RHSA-2026:5315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5315

reference_url	https://access.redhat.com/errata/RHSA-2026:5399
reference_id	RHSA-2026:5399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5399

reference_url	https://access.redhat.com/errata/RHSA-2026:5606
reference_id	RHSA-2026:5606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5606

reference_url	https://access.redhat.com/errata/RHSA-2026:6008
reference_id	RHSA-2026:6008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6008

reference_url	https://access.redhat.com/errata/RHSA-2026:6253
reference_id	RHSA-2026:6253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6253

reference_url	https://access.redhat.com/errata/RHSA-2026:6464
reference_id	RHSA-2026:6464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6464

reference_url	https://access.redhat.com/errata/RHSA-2026:7329
reference_id	RHSA-2026:7329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7329

reference_url	https://access.redhat.com/errata/RHSA-2026:8746
reference_id	RHSA-2026:8746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8746

reference_url	https://access.redhat.com/errata/RHSA-2026:8747
reference_id	RHSA-2026:8747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8747

reference_url	https://access.redhat.com/errata/RHSA-2026:8748
reference_id	RHSA-2026:8748
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8748

fixed_packages

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u5%3Fdistro=bullseye

aliases CVE-2026-1299

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kn9b-2gxw-gqgx

url VCID-nqqc-u8d5-8qf6

vulnerability_id VCID-nqqc-u8d5-8qf6

summary cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12084.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12084.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-12084

reference_id

reference_type

scores

value	0.00049
scoring_system	epss
scoring_elements	0.15347
published_at	2026-04-02T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17978
published_at	2026-04-18T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18263
published_at	2026-04-04T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17965
published_at	2026-04-07T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.1805
published_at	2026-04-08T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18111
published_at	2026-04-09T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18118
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18075
published_at	2026-04-12T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18025
published_at	2026-04-13T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.17968
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-12084

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12084

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0

reference_id

027f21e417b26eed4505ac2db101a4352b7c51a0

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/027f21e417b26eed4505ac2db101a4352b7c51a0

reference_url

https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4

reference_id

08d8e18ad81cd45bc4a27d6da478b51ea49486e4

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/08d8e18ad81cd45bc4a27d6da478b51ea49486e4

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126784
reference_id	1126784
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126784

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126785
reference_id	1126785
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126785

reference_url

https://github.com/python/cpython/issues/142145

reference_id

142145

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/issues/142145

reference_url

https://github.com/python/cpython/pull/142146

reference_id

142146

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/pull/142146

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2418655
reference_id	2418655
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2418655

reference_url

https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437

reference_id

27648a1818749ef44c420afe6173af6868715437

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/27648a1818749ef44c420afe6173af6868715437

reference_url

https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af

reference_id

41f468786762348960486c166833a218a0a436af

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/41f468786762348960486c166833a218a0a436af

reference_url

https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273

reference_id

57937a8e5e293f0dcba5115f7b7a11b1e0c9a273

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/57937a8e5e293f0dcba5115f7b7a11b1e0c9a273

reference_url

https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907

reference_id

8d2d7bb2e754f8649a68ce4116271a4932f76907

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/8d2d7bb2e754f8649a68ce4116271a4932f76907

reference_url

https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d

reference_id

9c9dda6625a2a90d2a06c657eee021d6be19842d

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d

reference_url

https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8

reference_id

a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8

reference_url

https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8

reference_id

a696ba8b4d42fd632afc9bc88ad830a2e4cceed8

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8

reference_url

https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0

reference_id

c97e87593063d84a2bd9fe7068b30eb44de23dc0

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0

reference_url

https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964

reference_id

ddcd2acd85d891a53e281c773b3093f9db953964

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964

reference_url

https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53

reference_id

e91c11449cad34bac3ea55ee09ca557691d92b53

reference_type

scores

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:13:23Z/

url

https://github.com/python/cpython/commit/e91c11449cad34bac3ea55ee09ca557691d92b53

reference_url	https://access.redhat.com/errata/RHSA-2026:0123
reference_id	RHSA-2026:0123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0123

reference_url	https://access.redhat.com/errata/RHSA-2026:1374
reference_id	RHSA-2026:1374
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1374

reference_url	https://access.redhat.com/errata/RHSA-2026:1408
reference_id	RHSA-2026:1408
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1408

reference_url	https://access.redhat.com/errata/RHSA-2026:1410
reference_id	RHSA-2026:1410
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1410

reference_url	https://access.redhat.com/errata/RHSA-2026:1478
reference_id	RHSA-2026:1478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1478

reference_url	https://access.redhat.com/errata/RHSA-2026:1537
reference_id	RHSA-2026:1537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1537

reference_url	https://access.redhat.com/errata/RHSA-2026:1558
reference_id	RHSA-2026:1558
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1558

reference_url	https://access.redhat.com/errata/RHSA-2026:1582
reference_id	RHSA-2026:1582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1582

reference_url	https://access.redhat.com/errata/RHSA-2026:1583
reference_id	RHSA-2026:1583
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1583

reference_url	https://access.redhat.com/errata/RHSA-2026:1620
reference_id	RHSA-2026:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1620

reference_url	https://access.redhat.com/errata/RHSA-2026:1631
reference_id	RHSA-2026:1631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1631

reference_url	https://access.redhat.com/errata/RHSA-2026:1736
reference_id	RHSA-2026:1736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1736

reference_url	https://access.redhat.com/errata/RHSA-2026:1828
reference_id	RHSA-2026:1828
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1828

reference_url	https://access.redhat.com/errata/RHSA-2026:1892
reference_id	RHSA-2026:1892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1892

reference_url	https://access.redhat.com/errata/RHSA-2026:1893
reference_id	RHSA-2026:1893
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1893

reference_url	https://access.redhat.com/errata/RHSA-2026:1922
reference_id	RHSA-2026:1922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1922

reference_url	https://access.redhat.com/errata/RHSA-2026:2084
reference_id	RHSA-2026:2084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2084

reference_url	https://access.redhat.com/errata/RHSA-2026:2233
reference_id	RHSA-2026:2233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2233

reference_url	https://access.redhat.com/errata/RHSA-2026:2275
reference_id	RHSA-2026:2275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2275

reference_url	https://access.redhat.com/errata/RHSA-2026:2276
reference_id	RHSA-2026:2276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2276

reference_url	https://access.redhat.com/errata/RHSA-2026:2330
reference_id	RHSA-2026:2330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2330

reference_url	https://access.redhat.com/errata/RHSA-2026:2391
reference_id	RHSA-2026:2391
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2391

reference_url	https://access.redhat.com/errata/RHSA-2026:2392
reference_id	RHSA-2026:2392
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2392

reference_url	https://access.redhat.com/errata/RHSA-2026:2393
reference_id	RHSA-2026:2393
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2393

reference_url	https://access.redhat.com/errata/RHSA-2026:2563
reference_id	RHSA-2026:2563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2563

reference_url	https://access.redhat.com/errata/RHSA-2026:2713
reference_id	RHSA-2026:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2713

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://usn.ubuntu.com/8018-1/
reference_id	USN-8018-1
reference_type
scores
url	https://usn.ubuntu.com/8018-1/

reference_url	https://usn.ubuntu.com/8018-3/
reference_id	USN-8018-3
reference_type
scores
url	https://usn.ubuntu.com/8018-3/

fixed_packages

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u5%3Fdistro=bullseye

aliases CVE-2025-12084

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqqc-u8d5-8qf6

url VCID-uf5s-kms5-g7a9

vulnerability_id VCID-uf5s-kms5-g7a9

summary cpython: POP3 command injection in user-controlled commands

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15367.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15367.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-15367

reference_id

reference_type

scores

value	0.00081
scoring_system	epss
scoring_elements	0.23923
published_at	2026-04-02T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23796
published_at	2026-04-16T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23964
published_at	2026-04-04T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23752
published_at	2026-04-07T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23823
published_at	2026-04-08T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.2387
published_at	2026-04-09T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23885
published_at	2026-04-11T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23841
published_at	2026-04-12T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.23784
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-15367

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/issues/143923

reference_id

143923

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:33Z/

url

https://github.com/python/cpython/issues/143923

reference_url

https://github.com/python/cpython/pull/143924

reference_id

143924

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:33Z/

url

https://github.com/python/cpython/pull/143924

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2431373
reference_id	2431373
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2431373

reference_url

https://github.com/python/cpython/commit/b234a2b67539f787e191d2ef19a7cbdce32874e7

reference_id

b234a2b67539f787e191d2ef19a7cbdce32874e7

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:33Z/

url

https://github.com/python/cpython/commit/b234a2b67539f787e191d2ef19a7cbdce32874e7

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/

reference_id

CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-22T04:55:33Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/

reference_url	https://access.redhat.com/errata/RHSA-2026:2128
reference_id	RHSA-2026:2128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2128

reference_url	https://access.redhat.com/errata/RHSA-2026:4165
reference_id	RHSA-2026:4165
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4165

reference_url	https://access.redhat.com/errata/RHSA-2026:4168
reference_id	RHSA-2026:4168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4168

reference_url	https://access.redhat.com/errata/RHSA-2026:4216
reference_id	RHSA-2026:4216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4216

reference_url	https://access.redhat.com/errata/RHSA-2026:4463
reference_id	RHSA-2026:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4463

reference_url	https://access.redhat.com/errata/RHSA-2026:4473
reference_id	RHSA-2026:4473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4473

reference_url	https://access.redhat.com/errata/RHSA-2026:4713
reference_id	RHSA-2026:4713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4713

reference_url	https://access.redhat.com/errata/RHSA-2026:4746
reference_id	RHSA-2026:4746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4746

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://access.redhat.com/errata/RHSA-2026:5152
reference_id	RHSA-2026:5152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5152

reference_url	https://access.redhat.com/errata/RHSA-2026:5215
reference_id	RHSA-2026:5215
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5215

reference_url	https://access.redhat.com/errata/RHSA-2026:5216
reference_id	RHSA-2026:5216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5216

reference_url	https://access.redhat.com/errata/RHSA-2026:5218
reference_id	RHSA-2026:5218
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5218

reference_url	https://access.redhat.com/errata/RHSA-2026:5219
reference_id	RHSA-2026:5219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5219

reference_url	https://access.redhat.com/errata/RHSA-2026:5221
reference_id	RHSA-2026:5221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5221

reference_url	https://access.redhat.com/errata/RHSA-2026:5223
reference_id	RHSA-2026:5223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5223

reference_url	https://access.redhat.com/errata/RHSA-2026:5225
reference_id	RHSA-2026:5225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5225

reference_url	https://access.redhat.com/errata/RHSA-2026:5226
reference_id	RHSA-2026:5226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5226

reference_url	https://access.redhat.com/errata/RHSA-2026:5315
reference_id	RHSA-2026:5315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5315

reference_url	https://access.redhat.com/errata/RHSA-2026:5393
reference_id	RHSA-2026:5393
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5393

reference_url	https://access.redhat.com/errata/RHSA-2026:5399
reference_id	RHSA-2026:5399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5399

reference_url	https://access.redhat.com/errata/RHSA-2026:5606
reference_id	RHSA-2026:5606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5606

reference_url	https://access.redhat.com/errata/RHSA-2026:6007
reference_id	RHSA-2026:6007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6007

reference_url	https://access.redhat.com/errata/RHSA-2026:6008
reference_id	RHSA-2026:6008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6008

reference_url	https://access.redhat.com/errata/RHSA-2026:6253
reference_id	RHSA-2026:6253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6253

reference_url	https://access.redhat.com/errata/RHSA-2026:6464
reference_id	RHSA-2026:6464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6464

reference_url	https://access.redhat.com/errata/RHSA-2026:7329
reference_id	RHSA-2026:7329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7329

reference_url	https://access.redhat.com/errata/RHSA-2026:8746
reference_id	RHSA-2026:8746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8746

reference_url	https://access.redhat.com/errata/RHSA-2026:8747
reference_id	RHSA-2026:8747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8747

reference_url	https://access.redhat.com/errata/RHSA-2026:8748
reference_id	RHSA-2026:8748
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8748

reference_url	https://usn.ubuntu.com/8018-1/
reference_id	USN-8018-1
reference_type
scores
url	https://usn.ubuntu.com/8018-1/

reference_url	https://usn.ubuntu.com/8018-2/
reference_id	USN-8018-2
reference_type
scores
url	https://usn.ubuntu.com/8018-2/

fixed_packages

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u5%3Fdistro=bullseye

aliases CVE-2025-15367

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uf5s-kms5-g7a9

url VCID-zh1r-7rzh-2bez

vulnerability_id VCID-zh1r-7rzh-2bez

summary cpython: Header injection in http.cookies.Morsel in Python

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0672.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0672.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-0672

reference_id

reference_type

scores

value	0.00158
scoring_system	epss
scoring_elements	0.36748
published_at	2026-04-02T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36659
published_at	2026-04-18T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36779
published_at	2026-04-04T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36615
published_at	2026-04-07T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36667
published_at	2026-04-08T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36683
published_at	2026-04-09T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36692
published_at	2026-04-11T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36658
published_at	2026-04-12T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36632
published_at	2026-04-13T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36677
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-0672

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0672
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0672

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126761
reference_id	1126761
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126761

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126762
reference_id	1126762
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126762

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126763
reference_id	1126763
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126763

reference_url

https://github.com/python/cpython/issues/143919

reference_id

143919

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/

url

https://github.com/python/cpython/issues/143919

reference_url

https://github.com/python/cpython/pull/143920

reference_id

143920

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/

url

https://github.com/python/cpython/pull/143920

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2431374
reference_id	2431374
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2431374

reference_url

https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172

reference_id

62700107418eb2cca3fc88da036a243ea975f172

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/

url

https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172

reference_url

https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/

reference_id

6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/

url

https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/

reference_url

https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440

reference_id

712452e6f1d4b9f7f8c4c92ebfcaac1705faa440

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/

url

https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440

reference_url

https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d

reference_id

7852d72b653fea0199acf5fc2a84f6f8b84eba8d

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/

url

https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d

reference_url

https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca

reference_id

918387e4912d12ffc166c8f2a38df92b6ec756ca

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/

url

https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca

reference_url

https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70

reference_id

95746b3a13a985787ef53b977129041971ed7f70

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/

url

https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70

reference_url

https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85

reference_id

b1869ff648bbee0717221d09e6deff46617f3e85

reference_type

scores

value	6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/

url

https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85

reference_url	https://usn.ubuntu.com/8018-1/
reference_id	USN-8018-1
reference_type
scores
url	https://usn.ubuntu.com/8018-1/

reference_url	https://usn.ubuntu.com/8018-3/
reference_id	USN-8018-3
reference_type
scores
url	https://usn.ubuntu.com/8018-3/

fixed_packages

url	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye

url	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
purl	pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u5%3Fdistro=bullseye

aliases CVE-2026-0672

risk_score 2.7

exploitability 0.5

weighted_severity 5.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zh1r-7rzh-2bez

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u5%3Fdistro=bullseye

Package Instance