Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:rpm/redhat/python3-14-main@3.14.4-1?arch=hum1
purl pkg:rpm/redhat/python3-14-main@3.14.4-1?arch=hum1
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk
Vulnerabilities affecting this package (17)
Vulnerability Summary Fixed by
VCID-11ed-tk56-8khn
Aliases:
CVE-2026-4519
python: Python: Command-line option injection in webbrowser.open() via crafted URLs There are no reported fixed by versions.
VCID-1pr1-jkqa-43g6
Aliases:
CVE-2026-2297
cpython: CPython: Logging Bypass in Legacy .pyc File Handling There are no reported fixed by versions.
VCID-1uk5-6yqb-dyb5
Aliases:
CVE-2025-13837
cpython: Out-of-memory when loading Plist There are no reported fixed by versions.
VCID-39hb-75mq-hyet
Aliases:
CVE-2026-3479
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation There are no reported fixed by versions.
VCID-8b19-pezx-6bcd
Aliases:
CVE-2026-0865
cpython: wsgiref.headers.Headers allows header newline injection in Python There are no reported fixed by versions.
VCID-8dtv-379a-wqfs
Aliases:
CVE-2025-13836
cpython: Excessive read buffering DoS in http.client There are no reported fixed by versions.
VCID-94n7-6q4s-3udv
Aliases:
CVE-2025-15282
cpython: Header injection via newlines in data URL mediatype in Python There are no reported fixed by versions.
VCID-9vcx-2fts-gkfw
Aliases:
CVE-2026-4224
cpython: Stack overflow parsing XML with deeply nested DTD content models There are no reported fixed by versions.
VCID-bn83-d2qp-9bfy
Aliases:
CVE-2025-11468
cpython: Missing character filtering in Python There are no reported fixed by versions.
VCID-fcsb-dn49-47gy
Aliases:
CVE-2025-6075
python: Quadratic complexity in os.path.expandvars() with user-controlled template There are no reported fixed by versions.
VCID-gqzt-rh1w-jkfu
Aliases:
CVE-2026-3644
cpython: Incomplete control character validation in http.cookies There are no reported fixed by versions.
VCID-kn9b-2gxw-gqgx
Aliases:
CVE-2026-1299
cpython: email header injection due to unquoted newlines There are no reported fixed by versions.
VCID-m4d3-db9x-h7h2
Aliases:
CVE-2025-12781
cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars There are no reported fixed by versions.
VCID-n4au-q9bs-kucb
Aliases:
CVE-2025-13462
The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations. There are no reported fixed by versions.
VCID-nqqc-u8d5-8qf6
Aliases:
CVE-2025-12084
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service There are no reported fixed by versions.
VCID-q653-8f64-gkbe
Aliases:
CVE-2026-3446
There are no reported fixed by versions.
VCID-znkr-fxtj-4uc7
Aliases:
CVE-2025-8291
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-21T22:40:22.477703+00:00 RedHat Importer Affected by VCID-znkr-fxtj-4uc7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8291.json 38.4.0
2026-04-21T22:40:19.367940+00:00 RedHat Importer Affected by VCID-fcsb-dn49-47gy https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6075.json 38.4.0
2026-04-21T22:40:14.429476+00:00 RedHat Importer Affected by VCID-8dtv-379a-wqfs https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13836.json 38.4.0
2026-04-21T22:40:13.951823+00:00 RedHat Importer Affected by VCID-1uk5-6yqb-dyb5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13837.json 38.4.0
2026-04-21T22:39:50.070380+00:00 RedHat Importer Affected by VCID-nqqc-u8d5-8qf6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12084.json 38.4.0
2026-04-21T22:39:37.013558+00:00 RedHat Importer Affected by VCID-bn83-d2qp-9bfy https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json 38.4.0
2026-04-21T22:39:36.836566+00:00 RedHat Importer Affected by VCID-8b19-pezx-6bcd https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0865.json 38.4.0
2026-04-21T22:39:36.640723+00:00 RedHat Importer Affected by VCID-94n7-6q4s-3udv https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15282.json 38.4.0
2026-04-21T22:39:35.360941+00:00 RedHat Importer Affected by VCID-m4d3-db9x-h7h2 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12781.json 38.4.0
2026-04-21T22:39:35.100085+00:00 RedHat Importer Affected by VCID-kn9b-2gxw-gqgx https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1299.json 38.4.0
2026-04-21T22:38:51.028230+00:00 RedHat Importer Affected by VCID-1pr1-jkqa-43g6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2297.json 38.4.0
2026-04-21T22:38:44.654907+00:00 RedHat Importer Affected by VCID-n4au-q9bs-kucb https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13462.json 38.4.0
2026-04-21T22:38:40.436485+00:00 RedHat Importer Affected by VCID-gqzt-rh1w-jkfu https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3644.json 38.4.0
2026-04-21T22:38:40.400114+00:00 RedHat Importer Affected by VCID-9vcx-2fts-gkfw https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4224.json 38.4.0
2026-04-21T22:38:39.703294+00:00 RedHat Importer Affected by VCID-39hb-75mq-hyet https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3479.json 38.4.0
2026-04-21T22:38:38.720965+00:00 RedHat Importer Affected by VCID-11ed-tk56-8khn https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4519.json 38.4.0
2026-04-21T22:37:58.911124+00:00 RedHat Importer Affected by VCID-q653-8f64-gkbe https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3446.json 38.4.0