CLSA-2026-1777454964

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777454964.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1777454964
Upstream
  • CVE-2026-4519
  • CVE-2026-4786
Published
2026-04-29T09:29:28Z
Modified
2026-06-01T00:33:25.941052297Z
Summary
python: Fix of 2 CVEs
Details
  • CVE-2026-4519: reject webbrowser.open() URLs with a leading dash to prevent CLI option injection into the spawned browser process
  • CVE-2026-4786: validate URLs after %action substitution and swap the substitution order in UnixBrowser.open() to close a bypass of the CVE-2026-4519 dash-prefix check
References

Affected packages

TuxCare:OracleLinux:6
python

Package

Name
python
Purl
pkg:rpm/tuxcare/python?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777454964.json"
python-devel

Package

Name
python-devel
Purl
pkg:rpm/tuxcare/python-devel?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777454964.json"
python-libs

Package

Name
python-libs
Purl
pkg:rpm/tuxcare/python-libs?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777454964.json"
python-test

Package

Name
python-test
Purl
pkg:rpm/tuxcare/python-test?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777454964.json"
python-tools

Package

Name
python-tools
Purl
pkg:rpm/tuxcare/python-tools?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777454964.json"
tkinter

Package

Name
tkinter
Purl
pkg:rpm/tuxcare/tkinter?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els20

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777454964.json"