CVE-2025-11468 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
PSF	CNA	5.7 MEDIUM	NETWORK	LOW	HIGH	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 14%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
python	cpython	𝑥 < 3.10.20	CNA
python	cpython	3.11.0 ≤ 𝑥 < 3.11.15	CNA
python	cpython	3.12.0 ≤ 𝑥 < 3.12.13	CNA
python	cpython	3.13.0 ≤ 𝑥 < 3.13.12	CNA
python	cpython	3.14.0 ≤ 𝑥 < 3.14.3	CNA

openSUSE / SLES Releases

openSUSE Product

Release

libpython3_10-1_0

suse enterprise server 15 SP4

3.10.20-150400.4.102.1

fixed

libpython3_11-1_0

suse enterprise desktop 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise sap 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise sap 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP6	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP7	3.11.15-150600.3.53.1 fixed

libpython3_12-1_0

suse enterprise server 15 SP6

3.12.13-150600.3.48.1

fixed

libpython3_13-1_0

suse enterprise desktop 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise sap 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise server 15 SP7	3.13.12-150700.4.39.1 fixed

libpython3_4m1_0

suse enterprise server 12 SP3	3.4.10-25.172.1 fixed
suse enterprise server 12 SP5	3.4.10-25.172.1 fixed

libpython3_4m1_0-32bit

suse enterprise server 12 SP5

3.4.10-25.172.1

fixed

libpython3_6m1_0

suse enterprise desktop 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise server 12 SP3	3.6.15-6.143.1 fixed
suse enterprise server 12 SP5	3.6.15-100.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.106.1 fixed

libpython3_6m1_0-32bit

suse enterprise server 12 SP5

3.6.15-100.1

fixed

libpython3_9-1_0

suse enterprise server 15 SP5

3.9.25-150300.4.93.1

fixed

python3

suse enterprise desktop 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise server 12 SP3	3.4.10-25.172.1 fixed
suse enterprise server 12 SP5	3.4.10-25.172.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.106.1 fixed

python3-base

suse enterprise desktop 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise server 12 SP3	3.4.10-25.172.1 fixed
suse enterprise server 12 SP5	3.4.10-25.172.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.106.1 fixed

python3-curses

suse enterprise desktop 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise server 12 SP3	3.4.10-25.172.1 fixed
suse enterprise server 12 SP5	3.4.10-25.172.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.106.1 fixed

python3-dbm

suse enterprise desktop 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.106.1 fixed

python3-devel

suse enterprise desktop 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise server 12 SP5	3.4.10-25.172.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.106.1 fixed

python3-idle

suse enterprise desktop 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.106.1 fixed

python3-tk

suse enterprise desktop 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.106.1 fixed
suse enterprise server 12 SP5	3.4.10-25.172.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.106.1 fixed

python3-tools

suse enterprise server 15 SP4	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.106.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.106.1 fixed

python310

suse enterprise server 15 SP4

3.10.20-150400.4.102.1

fixed

python310-base

suse enterprise server 15 SP4

3.10.20-150400.4.102.1

fixed

python310-curses

suse enterprise server 15 SP4

3.10.20-150400.4.102.1

fixed

python310-dbm

suse enterprise server 15 SP4

3.10.20-150400.4.102.1

fixed

python310-devel

suse enterprise server 15 SP4

3.10.20-150400.4.102.1

fixed

python310-idle

suse enterprise server 15 SP4

3.10.20-150400.4.102.1

fixed

python310-tk

suse enterprise server 15 SP4

3.10.20-150400.4.102.1

fixed

python310-tools

suse enterprise server 15 SP4

3.10.20-150400.4.102.1

fixed

python311

suse enterprise desktop 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise sap 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise sap 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP6	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP7	3.11.15-150600.3.53.1 fixed

python311-base

suse enterprise desktop 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise sap 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise sap 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP6	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP7	3.11.15-150600.3.53.1 fixed

python311-curses

suse enterprise desktop 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise sap 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP6	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP7	3.11.15-150600.3.53.1 fixed

python311-dbm

suse enterprise desktop 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise sap 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP6	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP7	3.11.15-150600.3.53.1 fixed

python311-devel

suse enterprise desktop 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise sap 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP6	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP7	3.11.15-150600.3.53.1 fixed

python311-doc

suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed

python311-doc-devhelp

suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed

python311-idle

suse enterprise desktop 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise sap 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP6	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP7	3.11.15-150600.3.53.1 fixed

python311-tk

suse enterprise desktop 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise sap 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP6	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP7	3.11.15-150600.3.53.1 fixed

python311-tools

suse enterprise desktop 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise sap 15 SP7	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP4	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP5	3.11.15-150400.9.80.1 fixed
suse enterprise server 15 SP6	3.11.15-150600.3.53.1 fixed
suse enterprise server 15 SP7	3.11.15-150600.3.53.1 fixed

python312

suse enterprise server 15 SP6

3.12.13-150600.3.48.1

fixed

python312-base

suse enterprise server 15 SP6

3.12.13-150600.3.48.1

fixed

python312-curses

suse enterprise server 15 SP6

3.12.13-150600.3.48.1

fixed

python312-dbm

suse enterprise server 15 SP6

3.12.13-150600.3.48.1

fixed

python312-devel

suse enterprise server 15 SP6

3.12.13-150600.3.48.1

fixed

python312-idle

suse enterprise server 15 SP6

3.12.13-150600.3.48.1

fixed

python312-tk

suse enterprise server 15 SP6

3.12.13-150600.3.48.1

fixed

python312-tools

suse enterprise server 15 SP6

3.12.13-150600.3.48.1

fixed

python313

suse enterprise desktop 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise sap 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise server 15 SP7	3.13.12-150700.4.39.1 fixed

python313-base

suse enterprise desktop 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise sap 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise server 15 SP7	3.13.12-150700.4.39.1 fixed

python313-curses

suse enterprise desktop 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise sap 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise server 15 SP7	3.13.12-150700.4.39.1 fixed

python313-dbm

suse enterprise desktop 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise sap 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise server 15 SP7	3.13.12-150700.4.39.1 fixed

python313-devel

suse enterprise desktop 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise sap 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise server 15 SP7	3.13.12-150700.4.39.1 fixed

python313-idle

suse enterprise desktop 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise sap 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise server 15 SP7	3.13.12-150700.4.39.1 fixed

python313-tk

suse enterprise desktop 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise sap 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise server 15 SP7	3.13.12-150700.4.39.1 fixed

python313-tools

suse enterprise desktop 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise sap 15 SP7	3.13.12-150700.4.39.1 fixed
suse enterprise server 15 SP7	3.13.12-150700.4.39.1 fixed

python36

suse enterprise server 12 SP3	3.6.15-6.143.1 fixed
suse enterprise server 12 SP5	3.6.15-100.1 fixed

python36-base

suse enterprise server 12 SP3	3.6.15-6.143.1 fixed
suse enterprise server 12 SP5	3.6.15-100.1 fixed

python36-curses

suse enterprise server 12 SP3

3.6.15-6.143.1

fixed

python36-dbm

suse enterprise server 12 SP3

3.6.15-6.143.1

fixed

python36-devel

suse enterprise server 12 SP3	3.6.15-6.143.1 fixed
suse enterprise server 12 SP5	3.6.15-100.1 fixed

python36-idle

suse enterprise server 12 SP3

3.6.15-6.143.1

fixed

python36-testsuite

suse enterprise server 12 SP3

3.6.15-6.143.1

fixed

python36-tk

suse enterprise server 12 SP3

3.6.15-6.143.1

fixed

python36-tools

suse enterprise server 12 SP3

3.6.15-6.143.1

fixed

python39

suse enterprise server 15 SP5

3.9.25-150300.4.93.1

fixed

python39-base

suse enterprise server 15 SP5

3.9.25-150300.4.93.1

fixed

python39-curses

suse enterprise server 15 SP5

3.9.25-150300.4.93.1

fixed

python39-dbm

suse enterprise server 15 SP5

3.9.25-150300.4.93.1

fixed

Amazon Linux Releases

Amazon Package

Release

python

Amazon Linux 2

0:2.7.18-1.amzn2.0.16

fixed

python-debug

Amazon Linux 2

0:2.7.18-1.amzn2.0.16

fixed

python-debuginfo

Amazon Linux 2

0:2.7.18-1.amzn2.0.16

fixed

python-devel

Amazon Linux 2

0:2.7.18-1.amzn2.0.16

fixed

python-libs

Amazon Linux 2

0:2.7.18-1.amzn2.0.16

fixed

python-test

Amazon Linux 2

0:2.7.18-1.amzn2.0.16

fixed

python-tools

Amazon Linux 2

0:2.7.18-1.amzn2.0.16

fixed

python-unversioned-command

Amazon Linux 2023

0:3.9.25-1.amzn2023.0.4

fixed

python3

Amazon Linux 2	0:3.7.16-1.amzn2.0.23 fixed
Amazon Linux 2023	0:3.9.25-1.amzn2023.0.4 fixed

python3-debug

Amazon Linux 2	0:3.7.16-1.amzn2.0.23 fixed
Amazon Linux 2023	0:3.9.25-1.amzn2023.0.4 fixed

python3-debuginfo

Amazon Linux 2

0:3.7.16-1.amzn2.0.23

fixed

python3-devel

Amazon Linux 2	0:3.7.16-1.amzn2.0.23 fixed
Amazon Linux 2023	0:3.9.25-1.amzn2023.0.4 fixed

python3-idle

Amazon Linux 2023

0:3.9.25-1.amzn2023.0.4

fixed

python3-libs

Amazon Linux 2	0:3.7.16-1.amzn2.0.23 fixed
Amazon Linux 2023	0:3.9.25-1.amzn2023.0.4 fixed

python3-test

Amazon Linux 2	0:3.7.16-1.amzn2.0.23 fixed
Amazon Linux 2023	0:3.9.25-1.amzn2023.0.4 fixed

python3-tkinter

Amazon Linux 2	0:3.7.16-1.amzn2.0.23 fixed
Amazon Linux 2023	0:3.9.25-1.amzn2023.0.4 fixed

python3-tools

Amazon Linux 2

0:3.7.16-1.amzn2.0.23

fixed

python3.11

Amazon Linux 2023

0:3.11.14-1.amzn2023.0.4

fixed

python3.11-debug

Amazon Linux 2023

0:3.11.14-1.amzn2023.0.4

fixed

python3.11-debuginfo

Amazon Linux 2023

0:3.11.14-1.amzn2023.0.4

fixed

python3.11-debugsource

Amazon Linux 2023

0:3.11.14-1.amzn2023.0.4

fixed

python3.11-devel

Amazon Linux 2023

0:3.11.14-1.amzn2023.0.4

fixed

python3.11-idle

Amazon Linux 2023

0:3.11.14-1.amzn2023.0.4

fixed

python3.11-libs

Amazon Linux 2023

0:3.11.14-1.amzn2023.0.4

fixed

python3.11-test

Amazon Linux 2023

0:3.11.14-1.amzn2023.0.4

fixed

python3.11-tkinter

Amazon Linux 2023

0:3.11.14-1.amzn2023.0.4

fixed

python3.12

Amazon Linux 2023

0:3.12.12-2.amzn2023.0.4

fixed

python3.12-debug

Amazon Linux 2023

0:3.12.12-2.amzn2023.0.4

fixed

python3.12-debuginfo

Amazon Linux 2023

0:3.12.12-2.amzn2023.0.4

fixed

python3.12-debugsource

Amazon Linux 2023

0:3.12.12-2.amzn2023.0.4

fixed

python3.12-devel

Amazon Linux 2023

0:3.12.12-2.amzn2023.0.4

fixed

python3.12-idle

Amazon Linux 2023

0:3.12.12-2.amzn2023.0.4

fixed

python3.12-libs

Amazon Linux 2023

0:3.12.12-2.amzn2023.0.4

fixed

python3.12-test

Amazon Linux 2023

0:3.12.12-2.amzn2023.0.4

fixed

python3.12-tkinter

Amazon Linux 2023

0:3.12.12-2.amzn2023.0.4

fixed

python3.13

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-debug

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-debuginfo

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-debugsource

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-devel

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-freethreading

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-freethreading-debug

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-idle

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-libs

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-test

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.13-tkinter

Amazon Linux 2023

0:3.13.12-1.amzn2023.0.1

fixed

python3.9-debuginfo

Amazon Linux 2023

0:3.9.25-1.amzn2023.0.4

fixed

python3.9-debugsource

Amazon Linux 2023

0:3.9.25-1.amzn2023.0.4

fixed

tkinter

Amazon Linux 2

0:2.7.18-1.amzn2.0.16

fixed

Azure Linux Releases

Azure Package

Release

python3

Azure Linux 3.0

0:3.12.9-8.azl3

fixed

Common Weakness Enumeration

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
The software uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

References

https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094

https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2

https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6

https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66

https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0

https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796

https://github.com/python/cpython/issues/143935

https://github.com/python/cpython/pull/143936

https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/