USN-8018-2
- Source
- https://ubuntu.com/security/notices/USN-8018-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-8018-2
- Upstream
- Related
- Published
- 2026-03-09T09:24:18Z
- Modified
- 2026-03-17T08:44:05.984220Z
- Summary
- python3.4, python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12, python3.13, python3.14 regression
- Details
-
USN-8018-1 fixed vulnerabilities in python3. That update introduced regressions. The patches for CVE-2025-15366 and CVE-2025-15367 caused behavior regressions in IMAP and POP3 handling, which upstream chose to avoid by not backporting them. Additionally, the patch for CVE-2026-0865 incorrectly rejected horizontal tabs in wsgiref headers. This update fixes these problems.
We apologize for the inconvenience.
Original advisory details:
Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this issue to inject arbitrary headers into email messages. This issue only affected python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12, python3.13, and python3.14 packages. (CVE-2025-11468)
Jacob Walls, Shai Berger, and Natalia Bidart discovered that Python inefficiently parsed XML input with quadratic complexity. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-12084)
It was discovered that Python incorrectly parsed malicious plist files. An attacker could possibly use this issue to cause Python to use excessive resources, leading to a denial of service. This issue only affected python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12, python3.13, and python3.14 packages. (CVE-2025-13837)
Omar Hasan discovered that Python incorrectly parsed URL mediatypes. An attacker could possibly use this issue to inject arbitrary HTTP headers. (CVE-2025-15282)
Omar Hasan discovered that Python incorrectly parsed malicious IMAP inputs. An attacker could possibly use this issue to inject arbitrary IMAP commands. (CVE-2025-15366)
Omar Hasan discovered that Python incorrectly parsed malicious POP3 inputs. An attacker could possibly use this issue to inject arbitrary POP3 commands. (CVE-2025-15367)
Omar Hasan discovered that Python incorrectly parsed malicious HTTP cookie headers. An attacker could possibly use this issue to inject arbitrary HTTP headers. (CVE-2026-0672)
Omar Hasan discovered that Python incorrectly parsed malicious HTTP header names and values. An attacker could possibly use this issue to inject arbitrary HTTP headers. (CVE-2026-0865)
- References
Affected packages
Ubuntu:22.04:LTS
python3.10
Package
- Name
- python3.10
- Purl
- pkg:deb/ubuntu/python3.10@3.10.12-1~22.04.15?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.10.12-1~22.04.15
Affected versions
3.*
3.10.0-2
3.10.0-3
3.10.0-4
3.10.0-5
3.10.0-5build1
3.10.1-1
3.10.1-2
3.10.2-1
3.10.2-5
3.10.2-7
3.10.3-1
3.10.4-3
3.10.4-3ubuntu0.1
3.10.6-1~22.04
3.10.6-1~22.04.1
3.10.6-1~22.04.2
3.10.6-1~22.04.2ubuntu1
3.10.6-1~22.04.2ubuntu1.1
3.10.12-1~22.04.2
3.10.12-1~22.04.3
3.10.12-1~22.04.4
3.10.12-1~22.04.5
3.10.12-1~22.04.6
3.10.12-1~22.04.7
3.10.12-1~22.04.8
3.10.12-1~22.04.9
3.10.12-1~22.04.10
3.10.12-1~22.04.11
3.10.12-1~22.04.12
3.10.12-1~22.04.13
3.10.12-1~22.04.14
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "idle-python3.10"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "libpython3.10"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "libpython3.10-dev"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "libpython3.10-minimal"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "libpython3.10-stdlib"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "libpython3.10-testsuite"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "python3.10"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "python3.10-dev"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "python3.10-examples"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "python3.10-full"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "python3.10-minimal"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "python3.10-nopie"
},
{
"binary_version": "3.10.12-1~22.04.15",
"binary_name": "python3.10-venv"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
Ubuntu:24.04:LTS
python3.12
Package
- Name
- python3.12
- Purl
- pkg:deb/ubuntu/python3.12@3.12.3-1ubuntu0.12?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.3-1ubuntu0.12
Affected versions
3.*
3.12.0-1
3.12.0-5
3.12.0-6
3.12.0-7
3.12.1-2
3.12.2-1
3.12.2-4build3
3.12.2-4build4
3.12.2-5ubuntu3
3.12.3-1
3.12.3-1ubuntu0.1
3.12.3-1ubuntu0.2
3.12.3-1ubuntu0.3
3.12.3-1ubuntu0.4
3.12.3-1ubuntu0.5
3.12.3-1ubuntu0.6
3.12.3-1ubuntu0.7
3.12.3-1ubuntu0.8
3.12.3-1ubuntu0.9
3.12.3-1ubuntu0.10
3.12.3-1ubuntu0.11
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "idle-python3.12"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "libpython3.12-dev"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "libpython3.12-minimal"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "libpython3.12-stdlib"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "libpython3.12-testsuite"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "libpython3.12t64"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "python3.12"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "python3.12-dev"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "python3.12-examples"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "python3.12-full"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "python3.12-minimal"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "python3.12-nopie"
},
{
"binary_version": "3.12.3-1ubuntu0.12",
"binary_name": "python3.12-venv"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
Ubuntu:25.10
python3.13
Package
- Name
- python3.13
- Purl
- pkg:deb/ubuntu/python3.13@3.13.7-1ubuntu0.4?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.13.7-1ubuntu0.4
Affected versions
3.*
3.13.3-1
3.13.3-2
3.13.3-4
3.13.4-1
3.13.5-1
3.13.5-2
3.13.6-1
3.13.7-1
3.13.7-1ubuntu0.1
3.13.7-1ubuntu0.2
3.13.7-1ubuntu0.3
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "idle-python3.13"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "libpython3.13"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "libpython3.13-dev"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "libpython3.13-minimal"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "libpython3.13-stdlib"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "libpython3.13-testsuite"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "python3.13"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "python3.13-dev"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "python3.13-examples"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "python3.13-full"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "python3.13-gdbm"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "python3.13-minimal"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "python3.13-nopie"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "python3.13-tk"
},
{
"binary_version": "3.13.7-1ubuntu0.4",
"binary_name": "python3.13-venv"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:25.10"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
python3.14
Package
- Name
- python3.14
- Purl
- pkg:deb/ubuntu/python3.14@3.14.0-1ubuntu0.3?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.14.0-1ubuntu0.3
Affected versions
3.*
3.14.0~a7-0ubuntu1
3.14.0~b1-1
3.14.0~b3-1
3.14.0~rc1-1
3.14.0~rc2-1
3.14.0~rc3-1
3.14.0-1
3.14.0-1ubuntu0.1
3.14.0-1ubuntu0.2
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "idle-python3.14"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "libpython3.14"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "libpython3.14-dev"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "libpython3.14-minimal"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "libpython3.14-stdlib"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "libpython3.14-testsuite"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "python3.14"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "python3.14-dev"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "python3.14-examples"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "python3.14-full"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "python3.14-gdbm"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "python3.14-minimal"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "python3.14-nopie"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "python3.14-tk"
},
{
"binary_version": "3.14.0-1ubuntu0.3",
"binary_name": "python3.14-venv"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:25.10"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
Ubuntu:Pro:14.04:LTS
python3.4
Package
- Name
- python3.4
- Purl
- pkg:deb/ubuntu/python3.4@3.4.3-1ubuntu1~14.04.7+esm20?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.4.3-1ubuntu1~14.04.7+esm20
Affected versions
3.*
3.4~b1-0ubuntu3
3.4~b1-4ubuntu4
3.4~b1-4ubuntu6
3.4~b1-5ubuntu2
3.4~b2-1
3.4~b3-1ubuntu1
3.4~rc1-1build1
3.4~rc2-1
3.4~rc3-0ubuntu1
3.4.0-1
3.4.0-2ubuntu1
3.4.0-2ubuntu1.1
3.4.3-1ubuntu1~14.04.1
3.4.3-1ubuntu1~14.04.3
3.4.3-1ubuntu1~14.04.4
3.4.3-1ubuntu1~14.04.5
3.4.3-1ubuntu1~14.04.6
3.4.3-1ubuntu1~14.04.7
3.4.3-1ubuntu1~14.04.7+esm2
3.4.3-1ubuntu1~14.04.7+esm4
3.4.3-1ubuntu1~14.04.7+esm6
3.4.3-1ubuntu1~14.04.7+esm7
3.4.3-1ubuntu1~14.04.7+esm8
3.4.3-1ubuntu1~14.04.7+esm10
3.4.3-1ubuntu1~14.04.7+esm11
3.4.3-1ubuntu1~14.04.7+esm12
3.4.3-1ubuntu1~14.04.7+esm13
3.4.3-1ubuntu1~14.04.7+esm14
3.4.3-1ubuntu1~14.04.7+esm15
3.4.3-1ubuntu1~14.04.7+esm16
3.4.3-1ubuntu1~14.04.7+esm17
3.4.3-1ubuntu1~14.04.7+esm19
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "idle-python3.4"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "libpython3.4"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "libpython3.4-dev"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "libpython3.4-minimal"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "libpython3.4-stdlib"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "libpython3.4-testsuite"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "python3.4"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "python3.4-dev"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "python3.4-examples"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "python3.4-minimal"
},
{
"binary_version": "3.4.3-1ubuntu1~14.04.7+esm20",
"binary_name": "python3.4-venv"
}
],
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:14.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
python3.5
Package
- Name
- python3.5
- Purl
- pkg:deb/ubuntu/python3.5@3.5.2-2ubuntu0~16.04.4~14.04.1+esm10?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.5.2-2ubuntu0~16.04.4~14.04.1+esm10
Affected versions
3.*
3.5.2-2ubuntu0~16.04.4~14.04.1
3.5.2-2ubuntu0~16.04.4~14.04.1+esm1
3.5.2-2ubuntu0~16.04.4~14.04.1+esm3
3.5.2-2ubuntu0~16.04.4~14.04.1+esm4
3.5.2-2ubuntu0~16.04.4~14.04.1+esm5
3.5.2-2ubuntu0~16.04.4~14.04.1+esm6
3.5.2-2ubuntu0~16.04.4~14.04.1+esm7
3.5.2-2ubuntu0~16.04.4~14.04.1+esm8
3.5.2-2ubuntu0~16.04.4~14.04.1+esm9
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "idle-python3.5"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "libpython3.5"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "libpython3.5-dev"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "libpython3.5-minimal"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "libpython3.5-stdlib"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "libpython3.5-testsuite"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "python3.5"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "python3.5-dev"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "python3.5-examples"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "python3.5-minimal"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.4~14.04.1+esm10",
"binary_name": "python3.5-venv"
}
],
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:14.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
Ubuntu:Pro:16.04:LTS
python3.5
Package
- Name
- python3.5
- Purl
- pkg:deb/ubuntu/python3.5@3.5.2-2ubuntu0~16.04.13+esm22?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.5.2-2ubuntu0~16.04.13+esm22
Affected versions
3.*
3.5.0-3
3.5.0-3ubuntu1
3.5.1~rc1-2ubuntu1
3.5.1-1
3.5.1-2
3.5.1-3
3.5.1-5
3.5.1-6ubuntu1
3.5.1-6ubuntu2
3.5.1-9ubuntu1
3.5.1-10
3.5.2-2~16.01
3.5.2-2~16.04
3.5.2-2ubuntu0~16.04.1
3.5.2-2ubuntu0~16.04.2
3.5.2-2ubuntu0~16.04.3
3.5.2-2ubuntu0~16.04.4
3.5.2-2ubuntu0~16.04.5
3.5.2-2ubuntu0~16.04.8
3.5.2-2ubuntu0~16.04.9
3.5.2-2ubuntu0~16.04.10
3.5.2-2ubuntu0~16.04.11
3.5.2-2ubuntu0~16.04.12
3.5.2-2ubuntu0~16.04.13
3.5.2-2ubuntu0~16.04.13+esm1
3.5.2-2ubuntu0~16.04.13+esm2
3.5.2-2ubuntu0~16.04.13+esm3
3.5.2-2ubuntu0~16.04.13+esm5
3.5.2-2ubuntu0~16.04.13+esm6
3.5.2-2ubuntu0~16.04.13+esm7
3.5.2-2ubuntu0~16.04.13+esm8
3.5.2-2ubuntu0~16.04.13+esm9
3.5.2-2ubuntu0~16.04.13+esm10
3.5.2-2ubuntu0~16.04.13+esm11
3.5.2-2ubuntu0~16.04.13+esm12
3.5.2-2ubuntu0~16.04.13+esm13
3.5.2-2ubuntu0~16.04.13+esm14
3.5.2-2ubuntu0~16.04.13+esm15
3.5.2-2ubuntu0~16.04.13+esm16
3.5.2-2ubuntu0~16.04.13+esm17
3.5.2-2ubuntu0~16.04.13+esm18
3.5.2-2ubuntu0~16.04.13+esm19
3.5.2-2ubuntu0~16.04.13+esm20
3.5.2-2ubuntu0~16.04.13+esm21
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "idle-python3.5"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "libpython3.5"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "libpython3.5-dev"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "libpython3.5-minimal"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "libpython3.5-stdlib"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "libpython3.5-testsuite"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "python3.5"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "python3.5-dev"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "python3.5-examples"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "python3.5-minimal"
},
{
"binary_version": "3.5.2-2ubuntu0~16.04.13+esm22",
"binary_name": "python3.5-venv"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:16.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
Ubuntu:Pro:18.04:LTS
python3.6
Package
- Name
- python3.6
- Purl
- pkg:deb/ubuntu/python3.6@3.6.9-1~18.04ubuntu1.13+esm9?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.6.9-1~18.04ubuntu1.13+esm9
Affected versions
3.*
3.6.3-1ubuntu1
3.6.4~rc1-1
3.6.4~rc1-2
3.6.4-1
3.6.4-2
3.6.4-3build1
3.6.4-4
3.6.5~rc1-1
3.6.5-3
3.6.6-1~18.04
3.6.7-1~18.04
3.6.8-1~18.04.1
3.6.8-1~18.04.2
3.6.8-1~18.04.3
3.6.9-1~18.04
3.6.9-1~18.04ubuntu1
3.6.9-1~18.04ubuntu1.1
3.6.9-1~18.04ubuntu1.3
3.6.9-1~18.04ubuntu1.4
3.6.9-1~18.04ubuntu1.6
3.6.9-1~18.04ubuntu1.7
3.6.9-1~18.04ubuntu1.8
3.6.9-1~18.04ubuntu1.9
3.6.9-1~18.04ubuntu1.10
3.6.9-1~18.04ubuntu1.12
3.6.9-1~18.04ubuntu1.13
3.6.9-1~18.04ubuntu1.13+esm1
3.6.9-1~18.04ubuntu1.13+esm2
3.6.9-1~18.04ubuntu1.13+esm3
3.6.9-1~18.04ubuntu1.13+esm4
3.6.9-1~18.04ubuntu1.13+esm5
3.6.9-1~18.04ubuntu1.13+esm6
3.6.9-1~18.04ubuntu1.13+esm7
3.6.9-1~18.04ubuntu1.13+esm8
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "idle-python3.6"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "libpython3.6"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "libpython3.6-dev"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "libpython3.6-minimal"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "libpython3.6-stdlib"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "libpython3.6-testsuite"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "python3.6"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "python3.6-dev"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "python3.6-examples"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "python3.6-minimal"
},
{
"binary_version": "3.6.9-1~18.04ubuntu1.13+esm9",
"binary_name": "python3.6-venv"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
python3.7
Package
- Name
- python3.7
- Purl
- pkg:deb/ubuntu/python3.7@3.7.5-2ubuntu1~18.04.2+esm10?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.7.5-2ubuntu1~18.04.2+esm10
Affected versions
3.*
3.7.0~a2-1
3.7.0~a3-1
3.7.0~a3-2
3.7.0~a3-3
3.7.0~a4-1
3.7.0~b1-1
3.7.0~b1-1build1
3.7.0~b2-1
3.7.0~b3-1
3.7.0-1~18.04
3.7.1-1~18.04
3.7.3-2~18.04.1
3.7.5-2~18.04
3.7.5-2~18.04.4
3.7.5-2ubuntu1~18.04.2
3.7.5-2ubuntu1~18.04.2+esm1
3.7.5-2ubuntu1~18.04.2+esm2
3.7.5-2ubuntu1~18.04.2+esm3
3.7.5-2ubuntu1~18.04.2+esm4
3.7.5-2ubuntu1~18.04.2+esm5
3.7.5-2ubuntu1~18.04.2+esm6
3.7.5-2ubuntu1~18.04.2+esm7
3.7.5-2ubuntu1~18.04.2+esm8
3.7.5-2ubuntu1~18.04.2+esm9
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "idle-python3.7"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.7"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.7-dev"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.7-minimal"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.7-stdlib"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.7-testsuite"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "python3.7"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "python3.7-dev"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "python3.7-examples"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "python3.7-minimal"
},
{
"binary_version": "3.7.5-2ubuntu1~18.04.2+esm10",
"binary_name": "python3.7-venv"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
python3.8
Package
- Name
- python3.8
- Purl
- pkg:deb/ubuntu/python3.8@3.8.0-3ubuntu1~18.04.2+esm10?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.8.0-3ubuntu1~18.04.2+esm10
Affected versions
3.*
3.8.0-3~18.04
3.8.0-3~18.04.1
3.8.0-3ubuntu1~18.04.2
3.8.0-3ubuntu1~18.04.2+esm1
3.8.0-3ubuntu1~18.04.2+esm2
3.8.0-3ubuntu1~18.04.2+esm3
3.8.0-3ubuntu1~18.04.2+esm4
3.8.0-3ubuntu1~18.04.2+esm5
3.8.0-3ubuntu1~18.04.2+esm6
3.8.0-3ubuntu1~18.04.2+esm7
3.8.0-3ubuntu1~18.04.2+esm8
3.8.0-3ubuntu1~18.04.2+esm9
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "idle-python3.8"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.8"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.8-dev"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.8-minimal"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.8-stdlib"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "libpython3.8-testsuite"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "python3.8"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "python3.8-dev"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "python3.8-examples"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "python3.8-minimal"
},
{
"binary_version": "3.8.0-3ubuntu1~18.04.2+esm10",
"binary_name": "python3.8-venv"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
Ubuntu:Pro:20.04:LTS
python3.8
Package
- Name
- python3.8
- Purl
- pkg:deb/ubuntu/python3.8@3.8.10-0ubuntu1~20.04.18+esm6?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.8.10-0ubuntu1~20.04.18+esm6
Affected versions
3.*
3.8.0-1
3.8.0-2
3.8.0-3
3.8.0-4
3.8.0-5
3.8.1-2ubuntu3
3.8.2~rc1-1ubuntu1
3.8.2-1
3.8.2-1ubuntu1
3.8.2-1ubuntu1.1
3.8.2-1ubuntu1.2
3.8.5-1~20.04
3.8.5-1~20.04.2
3.8.5-1~20.04.3
3.8.10-0ubuntu1~20.04
3.8.10-0ubuntu1~20.04.1
3.8.10-0ubuntu1~20.04.2
3.8.10-0ubuntu1~20.04.4
3.8.10-0ubuntu1~20.04.5
3.8.10-0ubuntu1~20.04.6
3.8.10-0ubuntu1~20.04.7
3.8.10-0ubuntu1~20.04.8
3.8.10-0ubuntu1~20.04.9
3.8.10-0ubuntu1~20.04.10
3.8.10-0ubuntu1~20.04.11
3.8.10-0ubuntu1~20.04.12
3.8.10-0ubuntu1~20.04.13
3.8.10-0ubuntu1~20.04.14
3.8.10-0ubuntu1~20.04.15
3.8.10-0ubuntu1~20.04.16
3.8.10-0ubuntu1~20.04.17
3.8.10-0ubuntu1~20.04.18
3.8.10-0ubuntu1~20.04.18+esm1
3.8.10-0ubuntu1~20.04.18+esm2
3.8.10-0ubuntu1~20.04.18+esm3
3.8.10-0ubuntu1~20.04.18+esm4
3.8.10-0ubuntu1~20.04.18+esm5
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "idle-python3.8"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "libpython3.8"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "libpython3.8-dev"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "libpython3.8-minimal"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "libpython3.8-stdlib"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "libpython3.8-testsuite"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "python3.8"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "python3.8-dev"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "python3.8-examples"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "python3.8-full"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "python3.8-minimal"
},
{
"binary_version": "3.8.10-0ubuntu1~20.04.18+esm6",
"binary_name": "python3.8-venv"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:20.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
python3.9
Package
- Name
- python3.9
- Purl
- pkg:deb/ubuntu/python3.9@3.9.5-3ubuntu0~20.04.1+esm10?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.9.5-3ubuntu0~20.04.1+esm10
Affected versions
3.*
3.9.0~rc1-1~20.04
3.9.0-5~20.04
3.9.5-3~20.04.1
3.9.5-3ubuntu0~20.04.1
3.9.5-3ubuntu0~20.04.1+esm1
3.9.5-3ubuntu0~20.04.1+esm2
3.9.5-3ubuntu0~20.04.1+esm3
3.9.5-3ubuntu0~20.04.1+esm4
3.9.5-3ubuntu0~20.04.1+esm5
3.9.5-3ubuntu0~20.04.1+esm6
3.9.5-3ubuntu0~20.04.1+esm7
3.9.5-3ubuntu0~20.04.1+esm8
3.9.5-3ubuntu0~20.04.1+esm9
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "idle-python3.9"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "libpython3.9"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "libpython3.9-dev"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "libpython3.9-minimal"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "libpython3.9-stdlib"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "libpython3.9-testsuite"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "python3.9"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "python3.9-dev"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "python3.9-examples"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "python3.9-full"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "python3.9-minimal"
},
{
"binary_version": "3.9.5-3ubuntu0~20.04.1+esm10",
"binary_name": "python3.9-venv"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:20.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"
Ubuntu:Pro:22.04:LTS
python3.11
Package
- Name
- python3.11
- Purl
- pkg:deb/ubuntu/python3.11@3.11.0~rc1-1~22.04.1~esm9?arch=source&distro=esm-apps/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.11.0~rc1-1~22.04.1~esm9
Affected versions
3.*
3.11.0~rc1-1~22.04
3.11.0~rc1-1~22.04.1~esm1
3.11.0~rc1-1~22.04.1~esm2
3.11.0~rc1-1~22.04.1~esm3
3.11.0~rc1-1~22.04.1~esm4
3.11.0~rc1-1~22.04.1~esm5
3.11.0~rc1-1~22.04.1~esm6
3.11.0~rc1-1~22.04.1~esm7
3.11.0~rc1-1~22.04.1~esm8
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "idle-python3.11"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "libpython3.11"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "libpython3.11-dev"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "libpython3.11-minimal"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "libpython3.11-stdlib"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "libpython3.11-testsuite"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "python3.11"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "python3.11-dev"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "python3.11-examples"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "python3.11-full"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "python3.11-minimal"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "python3.11-nopie"
},
{
"binary_version": "3.11.0~rc1-1~22.04.1~esm9",
"binary_name": "python3.11-venv"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-15366",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-15367",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2026-0865",
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8018-2.json"