Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:9354: Important: python3.9 security update

cveenterprisecve-2026-4519
A command-line option injection vulnerability (CVE-2026-4519, CVSS 3.3/LOW) exists in Python's `webbrowser.open()` function, allowing crafted URLs to inject unintended arguments. The vulnerability affects Python versions prior to 3.13.13, versions 3.14.0 through 3.14.3, and version 3.15.0. The fix is included in Python versions 3.13.13 and 3.14.4.
Read Full Article →

Red Hat Product Errata RHSA-2026:9354 - Security Advisory Issued: 2026-04-21 Updated: 2026-04-21 RHSA-2026:9354 - Security Advisory Overview Updated Packages Synopsis Important: python3.9 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for python3.9 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): python: Python: Command-line option injection in webbrowser.open() via crafted URLs (CVE-2026-4519) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2449649 - CVE-2026-4519 python: Python: Command-line option injection in webbrowser.open() via crafted URLs CVEs CVE-2026-4519 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM python3.9-3.9.21-2.el9_6.5.src.rpm SHA-256: 28b422b6eddc8c6531629680290fbcfd4539ff4bbb199fb0fbf6e9a8262e8b1a x86_64 python-unversioned-command-3.9.21-2.el9_6.5.noarch.rpm SHA-256: 589d36caea67e6e33607045cb1614aa0070de792fcca10a24d50d06280204496 python3-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 7b315fcf1a697652b3a2e3929570a575a11099fc92baf0a2108dfb87cb8a29e7 python3-devel-3.9.21-2.el9_6.5.i686.rpm SHA-256: b0f44db7f26c0a3a9fba760402c4281784f6d35a6e37cae85613749294b96f7e python3-devel-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 3f773bea94041e606fe5d0da851be399f66eca710e466d7e47bcb80292ca7a36 python3-libs-3.9.21-2.el9_6.5.i686.rpm SHA-256: 5cd0c5662e4273575fcdf14318da3d058fc2f00ca567dc985436b72e560c0f0a python3-libs-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: f4f6e56dacba14bb096e7cbd0825e6144a21d510e4ed14de7187018eab35ea50 python3-tkinter-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 8bc4b803c48be46505bf7afb3199912befb06850678d2110ed7704d896bccc97 python3.9-debuginfo-3.9.21-2.el9_6.5.i686.rpm SHA-256: 997df7903cfeeb983ad14be19c4ae5e03d844da3b0714fb5d82d8dda87b5f064 python3.9-debuginfo-3.9.21-2.el9_6.5.i686.rpm SHA-256: 997df7903cfeeb983ad14be19c4ae5e03d844da3b0714fb5d82d8dda87b5f064 python3.9-debuginfo-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 441782b0c1973651a25b8a0361afe1ec012f16dbe1c5122c35c1e84ecc8314f0 python3.9-debuginfo-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 441782b0c1973651a25b8a0361afe1ec012f16dbe1c5122c35c1e84ecc8314f0 python3.9-debugsource-3.9.21-2.el9_6.5.i686.rpm SHA-256: e2fe884756e2c4223c993bcbdbba65b465ebaf3e926966409e527407ffa722b8 python3.9-debugsource-3.9.21-2.el9_6.5.i686.rpm SHA-256: e2fe884756e2c4223c993bcbdbba65b465ebaf3e926966409e527407ffa722b8 python3.9-debugsource-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: c7b59b29d4856a83e4342e38b4fbe5a8bdd71a235b657cf62a8ac7240303cb30 python3.9-debugsource-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: c7b59b29d4856a83e4342e38b4fbe5a8bdd71a235b657cf62a8ac7240303cb30 Red Hat Enterprise Linux Server - AUS 9.6 SRPM python3.9-3.9.21-2.el9_6.5.src.rpm SHA-256: 28b422b6eddc8c6531629680290fbcfd4539ff4bbb199fb0fbf6e9a8262e8b1a x86_64 python-unversioned-command-3.9.21-2.el9_6.5.noarch.rpm SHA-256: 589d36caea67e6e33607045cb1614aa0070de792fcca10a24d50d06280204496 python3-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 7b315fcf1a697652b3a2e3929570a575a11099fc92baf0a2108dfb87cb8a29e7 python3-devel-3.9.21-2.el9_6.5.i686.rpm SHA-256: b0f44db7f26c0a3a9fba760402c4281784f6d35a6e37cae85613749294b96f7e python3-devel-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 3f773bea94041e606fe5d0da851be399f66eca710e466d7e47bcb80292ca7a36 python3-libs-3.9.21-2.el9_6.5.i686.rpm SHA-256: 5cd0c5662e4273575fcdf14318da3d058fc2f00ca567dc985436b72e560c0f0a python3-libs-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: f4f6e56dacba14bb096e7cbd0825e6144a21d510e4ed14de7187018eab35ea50 python3-tkinter-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 8bc4b803c48be46505bf7afb3199912befb06850678d2110ed7704d896bccc97 python3.9-debuginfo-3.9.21-2.el9_6.5.i686.rpm SHA-256: 997df7903cfeeb983ad14be19c4ae5e03d844da3b0714fb5d82d8dda87b5f064 python3.9-debuginfo-3.9.21-2.el9_6.5.i686.rpm SHA-256: 997df7903cfeeb983ad14be19c4ae5e03d844da3b0714fb5d82d8dda87b5f064 python3.9-debuginfo-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 441782b0c1973651a25b8a0361afe1ec012f16dbe1c5122c35c1e84ecc8314f0 python3.9-debuginfo-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: 441782b0c1973651a25b8a0361afe1ec012f16dbe1c5122c35c1e84ecc8314f0 python3.9-debugsource-3.9.21-2.el9_6.5.i686.rpm SHA-256: e2fe884756e2c4223c993bcbdbba65b465ebaf3e926966409e527407ffa722b8 python3.9-debugsource-3.9.21-2.el9_6.5.i686.rpm SHA-256: e2fe884756e2c4223c993bcbdbba65b465ebaf3e926966409e527407ffa722b8 python3.9-debugsource-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: c7b59b29d4856a83e4342e38b4fbe5a8bdd71a235b657cf62a8ac7240303cb30 python3.9-debugsource-3.9.21-2.el9_6.5.x86_64.rpm SHA-256: c7b59b29d4856a83e4342e38b4fbe5a8bdd71a235b657cf62a8ac7240303cb30 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM python3.9-3.9.21-2.el9_6.5.src.rpm SHA-256: 28b422b6eddc8c6531629680290fbcfd4539ff4bbb199fb0fbf6e9a8262e8b1a s390x python-unversioned-command-3.9.21-2.el9_6.5.noarch.rpm SHA-256: 589d36caea67e6e33607045cb1614aa0070de792fcca10a24d50d06280204496 python3-3.9.21-2.el9_6.5.s390x.rpm SHA-256: 577f8d44cfcd6c959e568ddf62c944110cb1b16aeeb64ecf38752f6d86948269 python3-devel-3.9.21-2.el9_6.5.s390x.rpm SHA-256: df07ead3ac2f85a8e89bbae56696589bbbca4c2d010d99777d7dbe504261c15f python3-libs-3.9.21-2.el9_6.5.s390x.rpm SHA-256: b457ce8343d502f39d8b0e3d626c6ebd1645460f5a505a94b4bdc44212584ef6 python3-tkinter-3.9.21-2.el9_6.5.s390x.rpm SHA-256: 7d936c01653b2ae9267047bb25cf08b5d4d16cca6dad93328ac4be7268910049 python3.9-debuginfo-3.9.21-2.el9_6.5.s390x.rpm SHA-256: 244fd29ff64b8caece4ff2ec7e9aaeb563f3bc0928b089d5a5cc6a3c2193db14 python3.9-debuginfo-3.9.21-2.el9_6.5.s390x.rpm SHA-256: 244fd29ff64b8caece4ff2ec7e9aaeb563f3bc0928b089d5a5cc6a3c2193db14 python3.9-debugsource-3.9.21-2.el9_6.5.s390x.rpm SHA-256: e868b711c461ea161ba12f7a4c85e2eb51f71fcde44c53d599ba80aa53f1f574 python3.9-debugsource-3.9.21-2.el9_6.5.s390x.rpm SHA-256: e868b711c461ea161ba12f7a4c85e2eb51f71fcde44c53d599ba80aa53f1f574 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM python3.9-3.9.21-2.el9_6.5.src.rpm SHA-256: 28b422b6eddc8c6531629680290fbcfd4539ff4bbb199fb0fbf6e9a8262e8b1a ppc64le python-unversioned-command-3.9.21-2.el9_6.5.noarch.rpm SHA-256: 589d36caea67e6e33607045cb1614aa0070de792fcca10a24d50d06280204496 python3-3.9.21-2.el9_6.5.ppc64le.rpm SHA-256: a7b6102b4fee2fc1fa73aa31b427df7e169e3bf64bdaa1c0b06d262bfa4fc5b3 python3-devel-3.9.21-2.el9_6.5.ppc64le.rpm SHA-256: 00e523c78a161264eea34dc82f7832fc0efb897edee86882948585a7c0109646 python3-libs-3.9.21-2.el9_6.5.ppc64le.rpm SHA-256: 8772ddd92f0637d788ac0e3c72b718731eae47d30d7962093bef94ae6271a4c4 python3-tkinter-3.9.21-2.el9_6.5.ppc64le.rpm SHA-256: ed18181a09621fdfc6621ebb30c1276898cc52fdf702e85a9d0348a679688259 python3.9-debuginfo-3.9.21-2.el9_6.5.ppc64le.rpm SHA-256: 9a7e0ad728ca33c27b3e06f808d5b267443535267f82e9bc79c5cc51bee51dde python3.9-debuginfo-3.9.21-2.el9_6.5.ppc64le.rpm SHA-256: 9a7e0ad728ca33c27b3e06f808d5b267443535267f82e9bc79c5cc51bee51dde python3.9-debugsource-3.9.21-2.el9_6.5.ppc64le.rpm SHA-256: 602e8d93fd1d51ce3b858a9f1cb1b4baccd00317b8ddb5d136e68b628ca07f29 python3.9-debugsource-3.9.21-2.el9_6.5.ppc64le.rpm SHA-256: 602e8d93fd1d51ce3b858a9f1cb1b4baccd00317b8ddb5d136e68b628ca07f29 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 SRPM python3.9-3.9.21-2.el9_6.5.src.rpm SHA-256: 28b422b6eddc8c6531629680290fbcfd4539ff4bbb199fb0fbf6e9a8262e8b1a aarch64 python-unversioned-command-3.9.21-2.el9_6.5.noarch.rpm SHA-256: 589d36caea67e6e33607045cb1614aa0070de792fcca10a24d50d06280204496 python3-3.9.21-2.el9_6.5.aarch64.rpm SHA-256

Related Articles

HIGH RHSA-2026:9262: Important: python3.9 security update Red Hat Errata HIGH RHSA-2026:9387: Important: python3 security update Red Hat Errata LOW Vulnérabilité dans les produits Microsoft (27 mars 2026) CERT-FR (ANSSI) HIGH RHSA-2026:9591: Important: python3.11 security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn