{
  "threat_severity" : "Moderate",
  "public_date" : "2026-03-16T17:37:31Z",
  "bugzilla" : {
    "description" : "cpython: Incomplete control character validation in http.cookies",
    "id" : "2448168",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2448168"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-791",
  "details" : [ "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve  CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output()." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "release_date" : "2026-05-19T00:00:00Z",
    "advisory" : "RHSA-2026:19019",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10.2",
    "package" : "python3.14-0:3.14.4-2.el10_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10",
    "release_date" : "2026-05-19T00:00:00Z",
    "advisory" : "RHSA-2026:19064",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10.2",
    "package" : "python3.12-0:3.12.13-2.el10_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2026-04-27T00:00:00Z",
    "advisory" : "RHSA-2026:10950",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "python3.12-0:3.12.13-2.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2026-05-19T00:00:00Z",
    "advisory" : "RHSA-2026:19176",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "python3.14-0:3.14.4-2.el9_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2026-05-19T00:00:00Z",
    "advisory" : "RHSA-2026:19177",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "python3.12-0:3.12.13-2.el9_8"
  }, {
    "product_name" : "Red Hat Hardened Images",
    "release_date" : "2026-04-10T00:00:00Z",
    "advisory" : "RHSA-2026:7443",
    "cpe" : "cpe:/a:redhat:hummingbird:1",
    "package" : "python3-13-main-3.13.13-1.hum1"
  }, {
    "product_name" : "Red Hat Hardened Images",
    "release_date" : "2026-04-11T00:00:00Z",
    "advisory" : "RHSA-2026:7661",
    "cpe" : "cpe:/a:redhat:hummingbird:1",
    "package" : "python3-14-main-3.14.4-1.hum1"
  }, {
    "product_name" : "Red Hat Hardened Images",
    "release_date" : "2026-04-17T00:00:00Z",
    "advisory" : "RHSA-2026:8822",
    "cpe" : "cpe:/a:redhat:hummingbird:1",
    "package" : "python3-11-main-3.11.15-4.hum1"
  }, {
    "product_name" : "Red Hat Hardened Images",
    "release_date" : "2026-04-17T00:00:00Z",
    "advisory" : "RHSA-2026:8824",
    "cpe" : "cpe:/a:redhat:hummingbird:1",
    "package" : "python3-12-main-3.12.13-3.hum1"
  }, {
    "product_name" : "Red Hat Update Infrastructure 5",
    "release_date" : "2026-05-27T00:00:00Z",
    "advisory" : "RHSA-2026:21275",
    "cpe" : "cpe:/a:redhat:rhui:5::el9",
    "package" : "rhui5/installer-rhel9:1779798165"
  }, {
    "product_name" : "Red Hat Update Infrastructure 5",
    "release_date" : "2026-05-27T00:00:00Z",
    "advisory" : "RHSA-2026:21275",
    "cpe" : "cpe:/a:redhat:rhui:5::el9",
    "package" : "rhui5/rhua-rhel9:1779798222"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Fix deferred",
    "package_name" : "python",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Fix deferred",
    "package_name" : "python",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Fix deferred",
    "package_name" : "python3",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "python3",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "python3.11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "python36:3.6/python36",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "python39-devel:3.9/python39",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "python3.11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "python3.9",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Fix deferred",
    "package_name" : "rhelai3/bootc-aws-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Fix deferred",
    "package_name" : "rhelai3/bootc-azure-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Fix deferred",
    "package_name" : "rhelai3/bootc-azure-rocm-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Fix deferred",
    "package_name" : "rhelai3/bootc-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Fix deferred",
    "package_name" : "rhelai3/bootc-gcp-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Fix deferred",
    "package_name" : "rhelai3/bootc-rocm-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-3644\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-3644\nhttps://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4\nhttps://github.com/python/cpython/issues/145599\nhttps://github.com/python/cpython/pull/145600\nhttps://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/" ],
  "name" : "CVE-2026-3644",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}