Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/936976?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/936976?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-1?distro=sid", "type": "deb", "namespace": "debian", "name": "python3.14", "version": "3.14.3-1", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.14.3-4", "latest_non_vulnerable_version": "3.14.5-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64940?format=api", "vulnerability_id": "VCID-8b19-pezx-6bcd", "summary": "cpython: wsgiref.headers.Headers allows header newline injection in Python", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0865.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0865.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32822", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32261", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32194", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32172", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32263", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32252", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32188", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32679", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32755", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32753", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32727", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32858", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32327", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3241", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32526", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32709", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32731", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32692", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32719", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126739", "reference_id": "1126739", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126739" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126740", "reference_id": "1126740", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126740" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126741", "reference_id": "1126741", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126741" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126742", "reference_id": "1126742", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126742" }, { "reference_url": "https://github.com/python/cpython/issues/143916", "reference_id": "143916", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/issues/143916" }, { "reference_url": "https://github.com/python/cpython/pull/143917", "reference_id": "143917", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/pull/143917" }, { "reference_url": "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58", "reference_id": "22e4d55285cee52bc4dbe061324e5f30bd4dee58", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/22e4d55285cee52bc4dbe061324e5f30bd4dee58" }, { "reference_url": "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510", "reference_id": "23e3c0ae867cca0130e441e776c9955b9027c510", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/23e3c0ae867cca0130e441e776c9955b9027c510" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431367", "reference_id": "2431367", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431367" }, { "reference_url": "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f", "reference_id": "286e3ac39984fe85a17f4ab39c64d382137aae5f", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/286e3ac39984fe85a17f4ab39c64d382137aae5f" }, { "reference_url": "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2", "reference_id": "2f840249550e082dc351743f474ba56da10478d2", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/2f840249550e082dc351743f474ba56da10478d2" }, { "reference_url": "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5", "reference_id": "4802b96a2cde58570c24c13ef3289490980961c5", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/4802b96a2cde58570c24c13ef3289490980961c5" }, { "reference_url": "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "reference_id": "66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/66da7bf6fe7b81e3ecc9c0a25bd47d4616c8d1a6" }, { "reference_url": "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff", "reference_id": "83ecd18779f286d872f68bfce175651e407d9fff", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/83ecd18779f286d872f68bfce175651e407d9fff" }, { "reference_url": "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97", "reference_id": "8bb044d29310bb05d15086cdaa8bf64867d61a97", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/8bb044d29310bb05d15086cdaa8bf64867d61a97" }, { "reference_url": "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf", "reference_id": "bfba660085767f8c2d582134e9d511a85eda04cf", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/bfba660085767f8c2d582134e9d511a85eda04cf" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/", "reference_id": "BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BJ6QPHNSHJTS3A7CFV6IBMCAP2DWRVNT/" }, { "reference_url": "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219", "reference_id": "c592227ffb48679af9845a45dbb0875d975bb219", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/c592227ffb48679af9845a45dbb0875d975bb219" }, { "reference_url": "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "reference_id": "e4846a93ac07a8ae9aa18203af0dd13d6e7a6995", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/e4846a93ac07a8ae9aa18203af0dd13d6e7a6995" }, { "reference_url": "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "reference_id": "f7fceed79ca1bceae8dbe5ba5bc8928564da7211", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:22Z/" } ], "url": "https://github.com/python/cpython/commit/f7fceed79ca1bceae8dbe5ba5bc8928564da7211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2128", "reference_id": "RHSA-2026:2128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4168", "reference_id": "RHSA-2026:4168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4463", "reference_id": "RHSA-2026:4463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4473", "reference_id": "RHSA-2026:4473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4713", "reference_id": "RHSA-2026:4713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5606", "reference_id": "RHSA-2026:5606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6253", "reference_id": "RHSA-2026:6253", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6253" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443", "reference_id": "RHSA-2026:7443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661", "reference_id": "RHSA-2026:7661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://usn.ubuntu.com/8018-1/", "reference_id": "USN-8018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-1/" }, { "reference_url": "https://usn.ubuntu.com/8018-2/", "reference_id": "USN-8018-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-2/" }, { "reference_url": "https://usn.ubuntu.com/8018-3/", "reference_id": "USN-8018-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936976?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936975?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-3?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-9vcx-2fts-gkfw" }, { "vulnerability": "VCID-gqzt-rh1w-jkfu" }, { "vulnerability": "VCID-n4au-q9bs-kucb" }, { "vulnerability": "VCID-q653-8f64-gkbe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936977?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-5?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-5%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059650?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076119?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-2?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-rcu5-gpmt-r7cb" }, { "vulnerability": "VCID-vk3a-td8w-ebfp" }, { "vulnerability": "VCID-ygdw-ymrf-kqg1" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103052?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5~rc1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5~rc1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112574?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5-1%3Fdistro=sid" } ], "aliases": [ "CVE-2026-0865" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8b19-pezx-6bcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64939?format=api", "vulnerability_id": "VCID-94n7-6q4s-3udv", "summary": "cpython: Header injection via newlines in data URL mediatype in Python", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15282.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15282.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13683", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13742", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13544", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13624", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13646", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13609", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13476", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13472", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13543", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13555", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13527", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13418", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13323", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13482", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13567", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13558", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13588", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15282" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "reference_id": "05356b1cc153108aaf27f3b72ce438af4aa218c0", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126779", "reference_id": "1126779", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126779" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126780", "reference_id": "1126780", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126780" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126781", "reference_id": "1126781", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126781" }, { "reference_url": "https://github.com/python/cpython/issues/143925", "reference_id": "143925", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/issues/143925" }, { "reference_url": "https://github.com/python/cpython/pull/143926", "reference_id": "143926", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/pull/143926" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431366", "reference_id": "2431366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431366" }, { "reference_url": "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "reference_id": "34d76b00dabde81a793bd06dd8ecb057838c4b38", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38" }, { "reference_url": "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "reference_id": "3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80" }, { "reference_url": "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "reference_id": "4ed11d3cd288e6b90196a15c5a825a45d318fe47", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47" }, { "reference_url": "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "reference_id": "a35ca3be5842505dab74dc0b90b89cde0405017a", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a" }, { "reference_url": "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "reference_id": "f25509e78e8be6ea73c811ac2b8c928c28841b9f", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10950", "reference_id": "RHSA-2026:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443", "reference_id": "RHSA-2026:7443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661", "reference_id": "RHSA-2026:7661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://usn.ubuntu.com/8018-1/", "reference_id": "USN-8018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-1/" }, { "reference_url": "https://usn.ubuntu.com/8018-3/", "reference_id": "USN-8018-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-3/" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "reference_id": "X66HL7SISGJT33J53OHXMZT4DFLMHVKF", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936976?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936975?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-3?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-9vcx-2fts-gkfw" }, { "vulnerability": "VCID-gqzt-rh1w-jkfu" }, { "vulnerability": "VCID-n4au-q9bs-kucb" }, { "vulnerability": "VCID-q653-8f64-gkbe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936977?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-5?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-5%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059650?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076119?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-2?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-rcu5-gpmt-r7cb" }, { "vulnerability": "VCID-vk3a-td8w-ebfp" }, { "vulnerability": "VCID-ygdw-ymrf-kqg1" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103052?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5~rc1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5~rc1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112574?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-15282" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94n7-6q4s-3udv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64945?format=api", "vulnerability_id": "VCID-bn83-d2qp-9bfy", "summary": "cpython: Missing character filtering in Python", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11821", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11742", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11649", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11734", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11797", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11759", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11733", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11597", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11595", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11718", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11676", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11637", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11561", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11482", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11618", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1167", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11641", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11683", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "reference_id": "003b8315669b9f08b1010a49071f73f15f818094", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786", "reference_id": "1126786", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787", "reference_id": "1126787", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788", "reference_id": "1126788", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788" }, { "reference_url": "https://github.com/python/cpython/issues/143935", "reference_id": "143935", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/issues/143935" }, { "reference_url": "https://github.com/python/cpython/pull/143936", "reference_id": "143936", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/pull/143936" }, { "reference_url": "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "reference_id": "17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431375", "reference_id": "2431375", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431375" }, { "reference_url": "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "reference_id": "61614a5e5056e4f61ced65008d4576f3df34acb6", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6" }, { "reference_url": "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "reference_id": "a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66" }, { "reference_url": "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "reference_id": "e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0" }, { "reference_url": "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "reference_id": "f738386838021c762efea6c9802c82de65e87796", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "reference_id": "FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443", "reference_id": "RHSA-2026:7443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661", "reference_id": "RHSA-2026:7661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://usn.ubuntu.com/8018-1/", "reference_id": "USN-8018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936976?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936975?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-3?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-9vcx-2fts-gkfw" }, { "vulnerability": "VCID-gqzt-rh1w-jkfu" }, { "vulnerability": "VCID-n4au-q9bs-kucb" }, { "vulnerability": "VCID-q653-8f64-gkbe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936977?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-5?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-5%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059650?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076119?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-2?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-rcu5-gpmt-r7cb" }, { "vulnerability": "VCID-vk3a-td8w-ebfp" }, { "vulnerability": "VCID-ygdw-ymrf-kqg1" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103052?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5~rc1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5~rc1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112574?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-11468" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bn83-d2qp-9bfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64889?format=api", "vulnerability_id": "VCID-kn9b-2gxw-gqgx", "summary": "cpython: email header injection due to unquoted newlines", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1299.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1299.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1299", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13683", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13588", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13558", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13567", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13472", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13476", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13742", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13544", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13624", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13646", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13609", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13482", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13323", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13418", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13527", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13555", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13543", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413", "reference_id": "052e55e7d44718fe46cbba0ca995cb8fcc359413", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413" }, { "reference_url": "https://github.com/python/cpython/commit/0a925ab591c45d6638f37b5e57796f36fa0e56d8", "reference_id": "0a925ab591c45d6638f37b5e57796f36fa0e56d8", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://github.com/python/cpython/commit/0a925ab591c45d6638f37b5e57796f36fa0e56d8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126744", "reference_id": "1126744", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126744" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126745", "reference_id": "1126745", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126745" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126746", "reference_id": "1126746", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126746" }, { "reference_url": "https://github.com/python/cpython/issues/144125", "reference_id": "144125", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://github.com/python/cpython/issues/144125" }, { "reference_url": "https://github.com/python/cpython/pull/144126", "reference_id": "144126", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://github.com/python/cpython/pull/144126" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "reference_id": "2432437", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432437" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/", "reference_id": "6ZZULGALJTITEAGEXLDJE2C6FORDXPBT", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/" }, { "reference_url": "https://github.com/python/cpython/commit/7877fe424415bc4a13045e62a90a7277413d8cb9", "reference_id": "7877fe424415bc4a13045e62a90a7277413d8cb9", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://github.com/python/cpython/commit/7877fe424415bc4a13045e62a90a7277413d8cb9" }, { "reference_url": "https://github.com/python/cpython/commit/842ce19a0c0b58d61591e8f6a708c38db1fb94e4", "reference_id": "842ce19a0c0b58d61591e8f6a708c38db1fb94e4", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://github.com/python/cpython/commit/842ce19a0c0b58d61591e8f6a708c38db1fb94e4" }, { "reference_url": "https://github.com/python/cpython/commit/8cdf6204f4ae821f32993f8fc6bad0d318f95f36", "reference_id": "8cdf6204f4ae821f32993f8fc6bad0d318f95f36", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://github.com/python/cpython/commit/8cdf6204f4ae821f32993f8fc6bad0d318f95f36" }, { "reference_url": "https://cve.org/CVERecord?id=CVE-2024-6923", "reference_id": "CVERecord?id=CVE-2024-6923", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://cve.org/CVERecord?id=CVE-2024-6923" }, { "reference_url": "https://github.com/python/cpython/commit/e417f05ad77a4c30ddc07f99e90fc0cef43e831a", "reference_id": "e417f05ad77a4c30ddc07f99e90fc0cef43e831a", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-23T16:55:59Z/" } ], "url": "https://github.com/python/cpython/commit/e417f05ad77a4c30ddc07f99e90fc0cef43e831a" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16174", "reference_id": "RHSA-2026:16174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2128", "reference_id": "RHSA-2026:2128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4165", "reference_id": "RHSA-2026:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4168", "reference_id": "RHSA-2026:4168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4216", "reference_id": "RHSA-2026:4216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4463", "reference_id": "RHSA-2026:4463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4473", "reference_id": "RHSA-2026:4473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4713", "reference_id": "RHSA-2026:4713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4746", "reference_id": "RHSA-2026:4746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5152", "reference_id": "RHSA-2026:5152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5215", "reference_id": "RHSA-2026:5215", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5215" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5216", "reference_id": "RHSA-2026:5216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5218", "reference_id": "RHSA-2026:5218", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5219", "reference_id": "RHSA-2026:5219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5221", "reference_id": "RHSA-2026:5221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5223", "reference_id": "RHSA-2026:5223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5225", "reference_id": "RHSA-2026:5225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5226", "reference_id": "RHSA-2026:5226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5315", "reference_id": "RHSA-2026:5315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5399", "reference_id": "RHSA-2026:5399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5606", "reference_id": "RHSA-2026:5606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6008", "reference_id": "RHSA-2026:6008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6253", "reference_id": "RHSA-2026:6253", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6253" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6464", "reference_id": "RHSA-2026:6464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7329", "reference_id": "RHSA-2026:7329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443", "reference_id": "RHSA-2026:7443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661", "reference_id": "RHSA-2026:7661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8746", "reference_id": "RHSA-2026:8746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8747", "reference_id": "RHSA-2026:8747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8748", "reference_id": "RHSA-2026:8748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936976?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936975?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-3?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-9vcx-2fts-gkfw" }, { "vulnerability": "VCID-gqzt-rh1w-jkfu" }, { "vulnerability": "VCID-n4au-q9bs-kucb" }, { "vulnerability": "VCID-q653-8f64-gkbe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936977?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-5?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-5%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059650?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076119?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-2?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-rcu5-gpmt-r7cb" }, { "vulnerability": "VCID-vk3a-td8w-ebfp" }, { "vulnerability": "VCID-ygdw-ymrf-kqg1" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103052?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5~rc1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5~rc1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112574?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5-1%3Fdistro=sid" } ], "aliases": [ "CVE-2026-1299" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kn9b-2gxw-gqgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64936?format=api", "vulnerability_id": "VCID-zh1r-7rzh-2bez", "summary": "cpython: Header injection in http.cookies.Morsel in Python", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0672.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0672.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0672", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36257", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36779", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36615", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36667", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36683", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36692", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36658", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36632", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36677", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36659", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36599", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36375", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36345", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36259", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36142", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36216", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36245", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.3616", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36183", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0672" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126761", "reference_id": "1126761", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126761" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126762", "reference_id": "1126762", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126762" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126763", "reference_id": "1126763", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126763" }, { "reference_url": "https://github.com/python/cpython/issues/143919", "reference_id": "143919", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/" } ], "url": "https://github.com/python/cpython/issues/143919" }, { "reference_url": "https://github.com/python/cpython/pull/143920", "reference_id": "143920", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/" } ], "url": "https://github.com/python/cpython/pull/143920" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431374", "reference_id": "2431374", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431374" }, { "reference_url": "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172", "reference_id": "62700107418eb2cca3fc88da036a243ea975f172", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/" } ], "url": "https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/", "reference_id": "6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/" }, { "reference_url": "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "reference_id": "712452e6f1d4b9f7f8c4c92ebfcaac1705faa440", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/" } ], "url": "https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440" }, { "reference_url": "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "reference_id": "7852d72b653fea0199acf5fc2a84f6f8b84eba8d", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/" } ], "url": "https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d" }, { "reference_url": "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca", "reference_id": "918387e4912d12ffc166c8f2a38df92b6ec756ca", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/" } ], "url": "https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca" }, { "reference_url": "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70", "reference_id": "95746b3a13a985787ef53b977129041971ed7f70", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/" } ], "url": "https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70" }, { "reference_url": "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85", "reference_id": "b1869ff648bbee0717221d09e6deff46617f3e85", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:11Z/" } ], "url": "https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10950", "reference_id": "RHSA-2026:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10950" }, { "reference_url": "https://usn.ubuntu.com/8018-1/", "reference_id": "USN-8018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-1/" }, { "reference_url": "https://usn.ubuntu.com/8018-3/", "reference_id": "USN-8018-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936976?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936975?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-3?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-9vcx-2fts-gkfw" }, { "vulnerability": "VCID-gqzt-rh1w-jkfu" }, { "vulnerability": "VCID-n4au-q9bs-kucb" }, { "vulnerability": "VCID-q653-8f64-gkbe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/936977?format=api", "purl": "pkg:deb/debian/python3.14@3.14.3-5?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-5%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059650?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076119?format=api", "purl": "pkg:deb/debian/python3.14@3.14.4-2?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-rcu5-gpmt-r7cb" }, { "vulnerability": "VCID-vk3a-td8w-ebfp" }, { "vulnerability": "VCID-ygdw-ymrf-kqg1" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.4-2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103052?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5~rc1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5~rc1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112574?format=api", "purl": "pkg:deb/debian/python3.14@3.14.5-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.5-1%3Fdistro=sid" } ], "aliases": [ "CVE-2026-0672" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zh1r-7rzh-2bez" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.14@3.14.3-1%3Fdistro=sid" }