CLSA-2026-1778535928

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1778535928.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1778535928
Upstream
Published
2026-05-11T21:45:32Z
Modified
2026-06-01T00:33:28.275685762Z
Summary
python: Fix of 2 CVEs
Details
  • CVE-2021-3733: fix ReDoS in urllib2 AbstractBasicAuthHandler regex; the legacy '(?:.,)' prefix is replaced with the upstream-3.x form '(?:^|,)' and the scheme charset excludes ',' to prevent quadratic backtracking on crafted WWW-Authenticate headers
  • CVE-2021-23336: stop accepting ';' as a default query-string separator in urlparse.parseqs/parseqsl and cgi.parse* / FieldStorage; only '&' is used by default, with an opt-in 'separator' kwarg for callers that need legacy behavior
  • Additional tests for CVE-2021-23336: drop obsolete legacy-';' entries from Lib/test/testcgi.py parsestricttestcases
References

Affected packages

TuxCare:RHEL:7
python

Package

Name
python
Purl
pkg:rpm/tuxcare/python?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1778535928.json"
python-debug

Package

Name
python-debug
Purl
pkg:rpm/tuxcare/python-debug?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1778535928.json"
python-devel

Package

Name
python-devel
Purl
pkg:rpm/tuxcare/python-devel?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1778535928.json"
python-libs

Package

Name
python-libs
Purl
pkg:rpm/tuxcare/python-libs?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1778535928.json"
python-test

Package

Name
python-test
Purl
pkg:rpm/tuxcare/python-test?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1778535928.json"
python-tools

Package

Name
python-tools
Purl
pkg:rpm/tuxcare/python-tools?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1778535928.json"
tkinter

Package

Name
tkinter
Purl
pkg:rpm/tuxcare/tkinter?distro=rhel-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2026-1778535928.json"