Bugs fixes in "python3.10"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2026-0865 | User-controlled header names and values containing newlines can allow injecting HTTP headers. | 2026-02-05 |
| CVE | CVE-2026-0672 | When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all contro | 2026-02-05 |
| CVE | CVE-2025-15367 | The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containin | 2026-02-05 |
| CVE | CVE-2025-15366 | The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containi | 2026-02-05 |
| CVE | CVE-2025-15282 | User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype. | 2026-02-05 |
| CVE | CVE-2025-13837 | When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues | 2026-02-05 |
| CVE | CVE-2025-12084 | When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadra | 2026-02-05 |
| CVE | CVE-2025-11468 | When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be us | 2026-02-05 |
| CVE | CVE-2026-0865 | User-controlled header names and values containing newlines can allow injecting HTTP headers. | 2026-02-05 |
| CVE | CVE-2026-0672 | When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all contro | 2026-02-05 |
| CVE | CVE-2025-15367 | The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containin | 2026-02-05 |
| CVE | CVE-2025-15366 | The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containi | 2026-02-05 |
| CVE | CVE-2025-15282 | User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype. | 2026-02-05 |
| CVE | CVE-2025-13837 | When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues | 2026-02-05 |
| CVE | CVE-2025-12084 | When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadra | 2026-02-05 |
| CVE | CVE-2025-11468 | When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be us | 2026-02-05 |
| CVE | CVE-2025-13836 | When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malici | 2026-01-12 |
| CVE | CVE-2025-13836 | When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malici | 2026-01-12 |
| CVE | CVE-2025-13836 | When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malici | 2026-01-12 |
| CVE | CVE-2025-13836 | When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malici | 2026-01-12 |
About
-
Send Feedback to @ubuntu_updates
