Nixpkgs security tracker

Untriaged

Permalink CVE-2026-0672

created 2 months, 3 weeks ago

Header injection in http.cookies.Morsel

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.

References

https://github.com/python/cpython/pull/143920 patch
https://github.com/python/cpython/issues/143919 issue-tracking
https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQ… vendor-advisory
https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f… patch
https://github.com/python/cpython/pull/143920 patch
https://github.com/python/cpython/issues/143919 issue-tracking
https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQ… vendor-advisory
https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f… patch
https://github.com/python/cpython/pull/143920 patch
https://github.com/python/cpython/issues/143919 issue-tracking
https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQ… vendor-advisory
https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f… patch
https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa4… patch
https://github.com/python/cpython/pull/143920 patch
https://github.com/python/cpython/issues/143919 issue-tracking
https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQ… vendor-advisory
https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f… patch
https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa4… patch
https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f1… patch
https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba… patch
https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756… patch
https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e… patch
https://github.com/python/cpython/pull/143920 patch
https://github.com/python/cpython/issues/143919 issue-tracking
https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQ… vendor-advisory
https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f… patch
https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa4… patch
https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f1… patch
https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba… patch
https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756… patch
https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e… patch
https://github.com/python/cpython/pull/143920 patch
https://github.com/python/cpython/issues/143919 issue-tracking
https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQ… vendor-advisory
https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f… patch
https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa4… patch
https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f1… patch
https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba… patch
https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756… patch
https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e… patch

Affected products

CPython

<3.15.0a6
<3.15.0
<3.14.3
<3.13.12

Matching in nixpkgs

pkgs.haskellPackages.cpython

Bindings for libpython

nixos-unstable 3.9.0
- nixpkgs-unstable 3.9.0
- nixos-unstable-small 3.9.0
nixos-25.11 3.9.0
- nixpkgs-25.11-darwin 3.9.0

Package maintainers

@sheepforce Phillip Seeber <phillip.seeber@googlemail.com>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.cpython

Package maintainers