{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3644", "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22", "state": "PUBLISHED", "assignerShortName": "PSF", "dateReserved": "2026-03-06T16:13:09.289Z", "datePublished": "2026-03-16T17:37:31.344Z", "dateUpdated": "2026-04-07T22:01:41.034Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["http.cookies"], "product": "CPython", "repo": "https://github.com/python/cpython", "vendor": "Python Software Foundation", "versions": [{"version": "0", "lessThan": "3.13.13", "status": "affected", "versionType": "python"}, {"version": "3.14.0", "lessThan": "3.14.4", "status": "affected", "versionType": "python"}, {"version": "3.15.0a1", "lessThan": "3.15.0a8", "status": "affected", "versionType": "python"}]}], "credits": [{"lang": "en", "type": "coordinator", "value": "Stan Ulbrych"}, {"lang": "en", "type": "remediation developer", "value": "Stan Ulbrych"}, {"lang": "en", "type": "remediation reviewer", "value": "Victor Stinner"}, {"lang": "en", "type": "remediation reviewer", "value": "Seth Larson"}, {"lang": "en", "type": "reporter", "value": "Vyom Yadav"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output()."}], "value": "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output()."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 6, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "28c92f92-d60d-412d-b760-e73465c3df22", "shortName": "PSF", "dateUpdated": "2026-04-07T22:01:41.034Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4"}, {"tags": ["issue-tracking"], "url": "https://github.com/python/cpython/issues/145599"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/pull/145600"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/62ceb396fcbe69da1ded3702de586f4072b590dd"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/d16ecc6c3626f0e2cc8f08c309c83934e8a979dd"}], "source": {"discovery": "UNKNOWN"}, "title": "Incomplete control character validation in http.cookies", "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-20", "lang": "en", "description": "CWE-20 Improper Input Validation"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-116", "lang": "en", "description": "CWE-116 Improper Encoding or Escaping of Output"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T18:25:27.051552Z", "id": "CVE-2026-3644", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T18:25:55.021Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3644", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T18:25:27.051552Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T18:24:32.300Z"}}], "cna": {"title": "Incomplete control character validation in http.cookies", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "coordinator", "value": "Stan Ulbrych"}, {"lang": "en", "type": "remediation developer", "value": "Stan Ulbrych"}, {"lang": "en", "type": "remediation reviewer", "value": "Victor Stinner"}, {"lang": "en", "type": "remediation reviewer", "value": "Seth Larson"}, {"lang": "en", "type": "reporter", "value": "Vyom Yadav"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/python/cpython", "vendor": "Python Software Foundation", "modules": ["http.cookies"], "product": "CPython", "versions": [{"status": "affected", "version": "0", "lessThan": "3.13.13", "versionType": "python"}, {"status": "affected", "version": "3.14.0", "lessThan": "3.14.4", "versionType": "python"}, {"status": "affected", "version": "3.15.0a1", "lessThan": "3.15.0a8", "versionType": "python"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/", "tags": ["vendor-advisory"]}, {"url": "https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/issues/145599", "tags": ["issue-tracking"]}, {"url": "https://github.com/python/cpython/pull/145600", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/62ceb396fcbe69da1ded3702de586f4072b590dd", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/d16ecc6c3626f0e2cc8f08c309c83934e8a979dd", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 1.0.0"}, "descriptions": [{"lang": "en", "value": "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "supportingMedia": [{"type": "text/html", "value": "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "base64": false}]}], "providerMetadata": {"orgId": "28c92f92-d60d-412d-b760-e73465c3df22", "shortName": "PSF", "dateUpdated": "2026-04-07T22:01:41.034Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3644", "state": "PUBLISHED", "dateUpdated": "2026-04-07T22:01:41.034Z", "dateReserved": "2026-03-06T16:13:09.289Z", "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22", "datePublished": "2026-03-16T17:37:31.344Z", "assignerShortName": "PSF"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output()."}], "id": "CVE-2026-3644", "lastModified": "2026-03-17T14:20:01.670", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@python.org", "type": "Secondary"}]}, "published": "2026-03-16T18:16:09.907", "references": [{"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/62ceb396fcbe69da1ded3702de586f4072b590dd"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/d16ecc6c3626f0e2cc8f08c309c83934e8a979dd"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/issues/145599"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/pull/145600"}, {"source": "cna@python.org", "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/"}], "sourceIdentifier": "cna@python.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-116"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "cpython: Incomplete control character validation in http.cookies", "id": "2448168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448168"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "status": "draft"}, "cwe": "CWE-791", "details": ["A control character validation flaw has been discovered in the Python http.cookie module. The Morsel.update(), |= operator, and unpickling paths were not patched to resolve CVE-2026-0672, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output()."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2026-3644", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "python3.12", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "python3.14", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "python", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "python", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "python3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.11", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.12", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python36:3.6/python36", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python39-devel:3.9/python39", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.11", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.12", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.14", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.9", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-aws-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-azure-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-azure-rocm-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-gcp-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-rocm-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}], "public_date": "2026-03-16T17:37:31Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-3644\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-3644\nhttps://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4\nhttps://github.com/python/cpython/issues/145599\nhttps://github.com/python/cpython/pull/145600\nhttps://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.15.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "CPython", "source": "cna", "vendor": "Python Software Foundation"}, "product": "cpython", "vendor": "python"}], "analysis": {"en": {"generated_at": "2026-03-17T01:22:34.875956+00:00", "value": {"mitigation_remediation": ["Upgrade CPython to the latest release containing the complete control\u2011character validation fix for http.cookies, as provided in the linked commit history.", "Validate or sanitize all cookie input before passing it to http.cookies.Morsel or any related functions to eliminate any remaining control characters.", "If upgrading immediately is not possible, consider implementing a temporary check that rejects cookie values containing non\u2011printable characters or other disallowed patterns.", "Monitor application logs for anomalous cookie values or repeated header injection attempts, and apply additional defensive coding practices such as using parameterized headers and enforcing strict content\u2011type validation."], "summary": {"action": "Apply Patch", "impact": "HTTP Header Injection/Information Disclosure"}, "threat_synthesis": {"affected_systems": "The affected vendor is the Python Software Foundation, product CPython. Specific version information was not included in the CVE data, so affected releases cannot be listed precisely.", "description_and_impact": "The vulnerability arises from an incomplete implementation of control\u2011character validation within Python\u2019s http.cookies module. Specifically, the Morsel.update() method, the bitwise OR assignment operator (|=), and the unpickling process were not patched to reject control characters, allowing them to bypass the intended checks. Additionally, BaseCookie.js_output() omitted the output validation present in BaseCookie.output(), creating another avenue for malicious characters to be processed by the cookie handling logic. This flaw can enable an attacker to inject arbitrary cookie values or manipulate HTTP headers, potentially leading to header injection, cookie poisoning, or other injection\u2011related attacks.", "risk_and_exploitability": "The CVSS score of 6 indicates a medium severity impact. No EPSS data is available, and the vulnerability is not listed in the CISA KEV catalog, suggesting that broad, automated exploitation is not yet documented. The likely attack vector is remote, as crafted HTTP requests containing control characters can be sent to any Python application that uses the http.cookies module to parse incoming cookies. If the application parses user\u2011supplied cookies without prior validation, an attacker could potentially alter HTTP response headers or inject additional cookies, leading to information disclosure or session hijacking. The absence of detailed exploitation proofs limits the assessment, but the medium score reflects a non\u2011zero risk when the flaw is present in production code."}}}}, "created": "2026-03-17T09:52:25.502758+00:00", "updated": "2026-03-24T10:50:05.934384+00:00", "vendors": ["python", "python$PRODUCT$cpython"]}