CLSA-2026-1774438452

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774438452.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1774438452

Upstream

CVE-2025-15367

CVE-2026-0865

CVE-2026-1299

Published

2026-03-25T11:34:16Z

Modified

2026-06-01T00:32:10.390740025Z

Summary

python3.11: Fix of 3 CVEs

Details

CVE-2026-1299: Fix header injection; quote newlines in email headers and reject incorrectly folded LiteralHeader values during serialization with BytesGenerator.
CVE-2026-0865: Fix header injection via user-controlled header names and values containing newlines; sanitize and reject header names and values containing newline characters.
CVE-2025-15367: Reject control characters in POP3 commands to prevent command injection via newlines in user-controlled input

References

https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2026-1774438452.html

Affected packages

TuxCare:AlmaLinux:9.2

python3.11

Package

Name: python3.11
Purl: pkg:rpm/tuxcare/python3.11?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.11.2-2.el9_2.2.tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774438452.json"

python3.11-debug

Package

Name: python3.11-debug
Purl: pkg:rpm/tuxcare/python3.11-debug?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.11.2-2.el9_2.2.tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774438452.json"

python3.11-devel

Package

Name: python3.11-devel
Purl: pkg:rpm/tuxcare/python3.11-devel?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.11.2-2.el9_2.2.tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774438452.json"

python3.11-idle

Package

Name: python3.11-idle
Purl: pkg:rpm/tuxcare/python3.11-idle?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.11.2-2.el9_2.2.tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774438452.json"

python3.11-libs

Package

Name: python3.11-libs
Purl: pkg:rpm/tuxcare/python3.11-libs?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.11.2-2.el9_2.2.tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774438452.json"

python3.11-test

Package

Name: python3.11-test
Purl: pkg:rpm/tuxcare/python3.11-test?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.11.2-2.el9_2.2.tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774438452.json"

python3.11-tkinter

Package

Name: python3.11-tkinter
Purl: pkg:rpm/tuxcare/python3.11-tkinter?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.11.2-2.el9_2.2.tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1774438452.json"