VulnerableCode Package Details - pkg:deb/debian/python3.14@3.14.5~rc1-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/python3.14@3.14.5~rc1-1

Essentials
History (2)

purl	pkg:deb/debian/python3.14@3.14.5~rc1-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-rcu5-gpmt-r7cb		CVE-2026-6100
VCID-vk3a-td8w-ebfp	http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence </script> inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value.	CVE-2026-6019

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-08T01:03:51.451921+00:00	Debian Importer	Fixing	VCID-rcu5-gpmt-r7cb	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-05-07T19:59:42.649037+00:00	Debian Importer	Fixing	VCID-vk3a-td8w-ebfp	https://security-tracker.debian.org/tracker/data/json	38.6.0