{"id":"RHSA-2026:10950","summary":"Red Hat Security Advisory: python3.12 security update","modified":"2026-04-28T10:32:37.231601173Z","published":"2026-04-28T10:08:05Z","upstream":["CVE-2025-13837","CVE-2025-15282","CVE-2025-59375","CVE-2025-6075","CVE-2026-0672","CVE-2026-1502","CVE-2026-2297","CVE-2026-3644","CVE-2026-4224","CVE-2026-4786","CVE-2026-6100"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:10950"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395108"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2408891"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418084"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431366"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431374"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444691"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448168"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448181"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457409"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457932"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458049"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10950.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-6075"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-6075"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6075"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/136065"},{"type":"ARTICLE","url":"https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-13837"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-13837"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13837"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/119342"},{"type":"ARTICLE","url":"https://github.com/python/cpython/pull/119343"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-15282"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-15282"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-15282"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/143925"},{"type":"ARTICLE","url":"https://github.com/python/cpython/pull/143926"},{"type":"ARTICLE","url":"https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-59375"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-59375"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59375"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-0672"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-0672"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0672"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/143919"},{"type":"ARTICLE","url":"https://github.com/python/cpython/pull/143920"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-1502"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-1502"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1502"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/05ed7ce7ae9e17c23a04085b2539fe6d6d3cef69"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/146211"},{"type":"ARTICLE","url":"https://github.com/python/cpython/pull/146212"},{"type":"ARTICLE","url":"https://mail.python.org/archives/list/security-announce@python.org/thread/2IVPAEQWUJBCTQZEJEVTYCIKSMQPGRZ3/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-2297"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-2297"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-2297"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/145506"},{"type":"ARTICLE","url":"https://github.com/python/cpython/pull/145507"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-3644"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-3644"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-3644"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/145599"},{"type":"ARTICLE","url":"https://github.com/python/cpython/pull/145600"},{"type":"ARTICLE","url":"https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-4224"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-4224"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4224"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/145986"},{"type":"ARTICLE","url":"https://github.com/python/cpython/pull/145987"},{"type":"ARTICLE","url":"https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-4786"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-4786"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4786"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/148169"},{"type":"ARTICLE","url":"https://github.com/python/cpython/pull/148170"},{"type":"ARTICLE","url":"https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-6100"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-6100"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6100"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/6a5f79c8d7bbf22b083b240910c7a8781a59437d"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/8fc66aef6d7b3ae58f43f5c66f9366cc8cbbfcd2"},{"type":"ARTICLE","url":"https://github.com/python/cpython/commit/c3cf71c3366fe49acb776a639405c0eea6169c20"},{"type":"ARTICLE","url":"https://github.com/python/cpython/issues/148395"},{"type":"ARTICLE","url":"https://github.com/python/cpython/pull/148396"},{"type":"ARTICLE","url":"https://mail.python.org/archives/list/security-announce@python.org/thread/HTWB2Z6KT5QQX4RYEZAFININDHNOSIF3/"}],"affected":[{"package":{"name":"python3.12","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-debug","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12-debug"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-devel","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-idle","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12-idle"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-libs","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-rpm-macros","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12-rpm-macros"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-test","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-tkinter","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/python3.12-tkinter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-debug","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12-debug"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-debugsource","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-devel","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-idle","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12-idle"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-libs","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-rpm-macros","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12-rpm-macros"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-test","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}},{"package":{"name":"python3.12-tkinter","ecosystem":"Red Hat:enterprise_linux:8::crb","purl":"pkg:rpm/redhat/python3.12-tkinter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.12.13-2.el8_10"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:10950.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}