CLSA-2026-1778505256

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1778505256.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1778505256
Upstream
Published
2026-05-11T13:14:21Z
Modified
2026-05-27T11:33:55.826243740Z
Summary
python: Fix of 2 CVEs
Details
  • CVE-2021-3733: fix ReDoS in urllib2 AbstractBasicAuthHandler regex; the legacy '(?:.,)' prefix is replaced with the upstream-3.x form '(?:^|,)' and the scheme charset excludes ',' to prevent quadratic backtracking on crafted WWW-Authenticate headers
  • CVE-2021-23336: stop accepting ';' as a default query-string separator in urlparse.parseqs/parseqsl and cgi.parse* / FieldStorage; only '&' is used by default, with an opt-in 'separator' kwarg for callers that need legacy behavior
  • Additional tests for CVE-2021-23336: drop obsolete legacy-';' entries from Lib/test/testcgi.py parsestricttestcases
References

Affected packages

TuxCare:OracleLinux:7
python

Package

Name
python
Purl
pkg:rpm/tuxcare/python?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1778505256.json"
python-debug

Package

Name
python-debug
Purl
pkg:rpm/tuxcare/python-debug?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1778505256.json"
python-devel

Package

Name
python-devel
Purl
pkg:rpm/tuxcare/python-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1778505256.json"
python-libs

Package

Name
python-libs
Purl
pkg:rpm/tuxcare/python-libs?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1778505256.json"
python-test

Package

Name
python-test
Purl
pkg:rpm/tuxcare/python-test?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1778505256.json"
python-tools

Package

Name
python-tools
Purl
pkg:rpm/tuxcare/python-tools?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1778505256.json"
tkinter

Package

Name
tkinter
Purl
pkg:rpm/tuxcare/tkinter?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-94.0.1.el7_9.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1778505256.json"