Search for packages
| purl | pkg:rpm/redhat/python3-12-main@3.12.13-3.1?arch=hum1 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 2.7 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-39hb-75mq-hyet
Aliases: CVE-2026-3479 |
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation | There are no reported fixed by versions. |
|
VCID-n4au-q9bs-kucb
Aliases: CVE-2025-13462 |
The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations. | There are no reported fixed by versions. |
|
VCID-q653-8f64-gkbe
Aliases: CVE-2026-3446 |
There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-29T12:58:40.397610+00:00 | RedHat Importer | Affected by | VCID-n4au-q9bs-kucb | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13462.json | 38.5.0 |
| 2026-04-29T12:58:39.596050+00:00 | RedHat Importer | Affected by | VCID-39hb-75mq-hyet | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3479.json | 38.5.0 |
| 2026-04-24T12:24:47.758767+00:00 | RedHat Importer | Affected by | VCID-n4au-q9bs-kucb | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13462.json | 38.4.0 |
| 2026-04-24T12:24:39.300770+00:00 | RedHat Importer | Affected by | VCID-39hb-75mq-hyet | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3479.json | 38.4.0 |
| 2026-04-24T12:24:31.578599+00:00 | RedHat Importer | Affected by | VCID-q653-8f64-gkbe | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3446.json | 38.4.0 |