RHSA-2025:23530HighCVSS 7.6

Red Hat Security Advisory: python39:3.9 security update

Published
December 18, 2025
Last Modified
July 10, 2026

🔗 CVE IDs covered (12)

📋 Description

CVE-2024-5642 — python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-9287 — python: Virtual environment (venv) activation scripts don't quote paths CVE-2024-11168 — python: Improper validation of IPv6 and IPvFuture addresses CVE-2025-0938 — python: cpython: URL parser allowed square brackets in domain names CVE-2025-4138 — cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory CVE-2025-4330 — cpython: python: Extraction filter bypass for linking outside extraction directory CVE-2025-4435 — cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4516 — cpython: python: CPython DecodeError Handling Vulnerability CVE-2025-4517 — python: cpython: Arbitrary writes via tarfile realpath overflow CVE-2025-6069 — cpython: Python HTMLParser quadratic complexity CVE-2025-6075 — python: Quadratic complexity in os.path.expandvars() with user-controlled template CVE-2025-8291 — cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

🔗 References (16)