CNNVD-202601-3166 Information

CNNVD ID

CNNVD-202601-3166

Related CVE

CVE-2025-15366

• CNNVD Published: 2026-01-20

Description (Chinese)

CPython是Python基金会的一个用C语言实现的Python解释器。 CPython存在安全漏洞，该漏洞源于传递用户控制的命令时可能通过换行符注入额外命令。

Description (English)

CPython is a Python interpreter for the Python Foundation in the C language. There is a security loophole in CPython, which arises from the possibility that additional commands may be injected through line breaks when transmitting a user-controlled command.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Python

Published

2026-01-20

Last Modified

2026-02-24

References

https://github.com/python/cpython/commit/6262704b134db2a4ba12e85ecfbd968534f28b45 https://github.com/python/cpython/issues/143921 https://github.com/python/cpython/pull/143922 https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/

Patch

https://github.com/python/cpython/tags