20 matches found
SUSE CVE-2024-0397
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2024-699)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-699 advisory. A defect was discovered in the Python ssl module where there is a memoryrace condition with the ssl.SSLContext methods certstorestats andgetcacerts. The race condition can be triggered if the methods...
CVE-2024-0397
A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time that certificates are...
PT-2024-37178 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.14 GitHub Enterprise Server version 3.9.17 GitHub Enterprise Server version 3.10.14 GitHub Enterprise Server version 3.11.12 GitHub Enterprise Server version 3.12.6 GitHub Enterprise Server version...
OPENSUSE-SU-2024:14083-1 python310-3.10.14-3.1 on GA media
These are all security issues fixed in the python310-3.10.14-3.1 package on the GA media of openSUSE Tumbleweed...
BIT-PYTHON-2024-0397 Memory race condition in ssl.SSLContext certificate store methods
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
CVE-2024-0397
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
AZL-42784 CVE-2024-0397 affecting package python3 for versions less than 3.12.3-1
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
CVE-2024-0397
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
CVE-2024-0397 Memory race condition in ssl.SSLContext certificate store methods
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
CVE-2024-0397 Memory race condition in ssl.SSLContext certificate store methods
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
CVE-2024-0397
CVE-2024-0397: A memory race in Python's ssl module between SSLContext.cert_store_stats() and SSLContext.get_ca_certs() can be triggered when certificates are loaded into the SSLContext concurrently with a TLS handshake. The issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5. Upgradi...
OPENSUSE-SU-2024:13799-1 python310-3.10.14-1.1 on GA media
These are all security issues fixed in the python310-3.10.14-1.1 package on the GA media of openSUSE Tumbleweed...
Python DoS Vulnerability (Mar 2024) - Linux
Python is prone to a denial of service DoS vulnerability in libexpat. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Python DoS Vulnerability (Mar 2024) - Mac OS X
Python is prone to a denial of service DoS vulnerability in libexpat. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Python Symlink Dereference Vulnerability (Mar 2024) - Linux
Python is prone to a symlink dereference vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
Python Multiple Vulnerabilities (Mar 2024) - Mac OS X
Python is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...
Python Symlink Dereference Vulnerability (Mar 2024) - Windows
Python is prone to a symlink dereference vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
Information disclosure
Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated...
Fedora 18 : kernel-3.10.14-100.fc18 (2013-18364)
The 3.10.14 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...