Security News

Cybersecurity news aggregator

HIGH Updates Red Hat Errata

RHSA-2026:10950: Important: python3.12 security update

This Red Hat security update addresses multiple vulnerabilities in Python 3.12, including arbitrary code execution via command injection in `webbrowser.open()` (CVE-2026-4786), a use-after-free in the decompression modules (CVE-2026-6100), and HTTP header injection via CR/LF sequences (CVE-2026-1502). The advisory is rated Important and includes CVSS scores ranging from Medium to High. Affected systems are those running Red Hat Enterprise Linux 8 with the vulnerable `python3.12` packages, and the remediation is to apply the update provided through the Red Hat channels.

RHSA-2026:10950 - Security Advisory
Issued: 2026-04-27
Updated: 2026-04-27

Synopsis
Important: python3.12 security update

Type/Severity
Security Advisory: Important

Topic
An update for python3.12 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):
- expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
- python: Quadratic complexity in os.path.expandvars() with user-controlled template (CVE-2025-6075)
- cpython: Out-of-memory when loading Plist (CVE-2025-13837)
- cpython: Header injection via newlines in data URL mediatype in Python (CVE-2025-15282)
- cpython: Header injection in http.cookies.Morsel in Python (CVE-2026-0672)
- cpython: CPython: Logging Bypass in Legacy .pyc File Handling (CVE-2026-2297)
- cpython: Incomplete control character validation in http.cookies (CVE-2026-3644)
- cpython: Stack overflow parsing XML with deeply nested DTD content models (CVE-2026-4224)
- python: Python: HTTP header injection via CR/LF in proxy tunnel headers (CVE-2026-1502)
- python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules (CVE-2026-6100)
- python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API (CVE-2026-4786)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
- Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
- Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x

Fixes
- BZ - 2395108 - CVE-2025-59375 firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing
- BZ - 2408891 - CVE-2025-6075 python: Quadratic complexity in os.path.expandvars() with user-controlled template
- BZ - 2418084 - CVE-2025-13837 cpython: Out-of-memory when loading Plist
- BZ - 2431366 - CVE-2025-15282 cpython: Header injection via newlines in data URL mediatype in Python
- BZ - 2431374 - CVE-2026-0672 cpython: Header injection in http.cookies.Morsel in Python
- BZ - 2444691 - CVE-2026-2297 cpython: CPython: Logging Bypass in Legacy .pyc File Handling
- BZ - 2448168 - CVE-2026-3644 cpython: Incomplete control character validation in http.cookies
- BZ - 2448181 - CVE-2026-4224 cpython: Stack overflow parsing XML with deeply nested DTD content models
- BZ - 2457409 - CVE-2026-1502 python: Python: HTTP header injection via CR/LF in proxy tunnel headers
- BZ - 2457932 - CVE-2026-6100 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
- BZ - 2458049 - CVE-2026-4786 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

CVEs
- CVE-2025-6075
- CVE-2025-13837
- CVE-2025-15282
- CVE-2025-59375
- CVE-2026-0672
- CVE-2026-1502
- CVE-2026-2297
- CVE-2026-3644
- CVE-2026-4224
- CVE-2026-4786
- CVE-2026-6100

References
- https://access.redhat.com/security/updates/classification/#important

Updated Packages
Note: More recent versions of these packages may be available.
SRPM: python3.12-3.12.13-2.el8_10.src.rpm
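To confirm that the update has landed across a fleet, the following added example (not part of the advisory or of Red Hat's tooling) flags hosts whose `python3.12*` packages are older than the fixed build `3.12.13-2.el8_10` listed above. It uses a simplified RPM-style segment comparison without `~` or `^` handling; the function names and the inventory lines are constructed for illustration.

```python
import re

# Fixed build from the advisory's package list (python3.12-3.12.13-2.el8_10).
FIXED_EVR = "3.12.13-2.el8_10"

def _vercmp(a, b):
    """Order two strings by their runs of digits or letters; return -1, 0 or 1."""
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)             # numeric runs compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # a numeric run beats a letter run
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # extra segments are newer

def _split_evr(evr):  # '[epoch:]version-release'; a missing epoch counts as 0
    epoch, _, rest = evr.rpartition(":")
    version, _, release = rest.partition("-")
    return int(epoch or 0), version, release

def evr_cmp(a, b):
    """Compare two EVR strings: epoch first, then version, then release."""
    ea, va, ra = _split_evr(a)
    eb, vb, rb = _split_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return _vercmp(va, vb) or _vercmp(ra, rb)

def unpatched(inventory, fixed=FIXED_EVR):
    """Return (host, package, evr) for python3.12* packages older than fixed."""
    hits = []
    for line in inventory.strip().splitlines():
        host, pkg, evr = line.split()
        if pkg.startswith("python3.12") and evr_cmp(evr, fixed) < 0:
            hits.append((host, pkg, evr))
    return hits

# Constructed sample inventory, one "<host> <package> <EVR>" per line.
SAMPLE = """
web01 python3.12 3.12.13-2.el8_10
web02 python3.12-libs 3.12.9-1.el8_10
build01 python3.12 3.12.12-3.el8_10.1
build01 python3.11 3.11.2-1.el8
db01 python3.12-tkinter 3.12.13-10.el8_10
"""

if __name__ == "__main__":
    print(*unpatched(SAMPLE), sep="\n")
```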
