Lucene search
K

32 matches found

OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.38 views

Debian: Security Advisory (DLA-1107-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.5AI score0.05978EPSS
Exploits0References3
Debian
Debian
added 2017/09/23 1:39 p.m.35 views

[SECURITY] [DLA 1107-1] bzr security update

Package : bzr Version : 2.6.0bzr6526-1+deb7u1 CVE ID : CVE-2013-2099 CVE-2017-14176 Debian Bug : 709068 874429 CVE-2013-2099 Bazaar bundles SSL certificate checking code from Python, which had a bug that could cause a denial of service via resource consumption through multiple wildcards in...

9.3CVSS8.4AI score0.05978EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.37 views

Fedora 22 : python-pymongo-2.5.2-8.fc22 (2016-52b294538d)

Security fix for CVE-2013-2099, CVE-2013-7440 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5.9CVSS7.3AI score0.04857EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.33 views

Fedora 23 : python-pymongo-2.5.2-8.fc23 (2016-50abc3e885)

Security fix for CVE-2013-2099, CVE-2013-7440 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5.9CVSS7.3AI score0.04857EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/01/14 12:0 a.m.44 views

RHEL 6 : cloud-init (RHSA-2015:0042)

Updated cloud-init packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Common for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base...

4.3CVSS7.2AI score0.04857EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/12/22 12:0 a.m.27 views

Fedora 19 : python-tornado-2.2.1-7.fc19 (2014-16477)

Add patch to fix CVE-2013-2098 CVE-2013-2099 bug 96627 - Drop requires python-simplejson, not needed for modern python Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

4.3CVSS7.3AI score0.04857EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/12/17 12:0 a.m.31 views

Fedora 20 : python-tornado-2.2.1-7.fc20 (2014-16390)

Add patch to fix CVE-2013-2098 CVE-2013-2099 bug 96627 - Drop requires python-simplejson, not needed for modern python Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

4.3CVSS7.3AI score0.04857EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2014/10/22 5:20 p.m.50 views

Low: Red Hat Security Advisory: python-backports-ssl_match_hostname security update

An updated python-backports-sslmatchhostname package that fixes one security issue is now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives...

4.3CVSS6.6AI score0.04857EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/08/29 12:0 a.m.33 views

openSUSE Security Update : python3 (openSUSE-SU-2014:1070-1)

This python3 update fixes the following security and non security issues : - CGIHTTPServer filedisclosure and directory traversal through URL-encoded characters CVE-2014-4650, bnc885882 - DoS on ssl.matchhostname via a crafted certificate with too many wildcards CVE-2013-2099, bnc886001 - fix...

9.8CVSS7.3AI score0.247EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2014/01/07 12:0 a.m.26 views

GLSA-201401-04 : Python: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201401-04 Python: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of Servic...

5CVSS7.3AI score0.14643EPSS
Exploits7References9
OpenVAS
OpenVAS
added 2013/11/26 12:0 a.m.30 views

Fedora Update for python3 FEDORA-2013-21415

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.7AI score0.05347EPSS
Exploits1References2
OSV
OSV
added 2013/10/09 2:53 p.m.10 views

CVE-2013-2099

Algorithmic complexity vulnerability in the ssl.matchhostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-sslmatchhostname as used for older Python versions, allows remote attackers to cause a denial of service CPU consumption via multiple wildcard...

6.4AI score
Exploits0References10
Prion
Prion
added 2013/10/09 2:53 p.m.23 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2099. Reason: This candidate is a duplicate of CVE-2013-2099. Notes: All CVE users should reference CVE-2013-2099 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.6AI score0.04857EPSS
Exploits0
CVE
CVE
added 2013/10/09 2:44 p.m.190 views

CVE-2013-2099

CVE-2013-2099 is an algorithmic complexity vulnerability in Python’s ssl.match_hostname() used for validating hostnames in certificates. It allows remote attackers to cause high CPU usage (denial of service) by supplying certificates with multiple wildcard characters in the common name. Affected ...

4.3CVSS6AI score0.04857EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2013/10/09 2:44 p.m.31 views

CVE-2013-2099

Algorithmic complexity vulnerability in the ssl.matchhostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-sslmatchhostname as used for older Python versions, allows remote attackers to cause a denial of service CPU consumption via multiple wildcard...

6.3AI score0.04857EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2013/10/03 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-1983-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.7AI score0.05347EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/10/03 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-1985-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.7AI score0.05347EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/10/02 12:0 a.m.38 views

Ubuntu 12.04 LTS / 12.10 : python3.2 vulnerabilities (USN-1984-1)

Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. CVE-2013-2099 Ryan Sleevi discovered that Python did not properly handle...

4.3CVSS7.3AI score0.05347EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/10/02 12:0 a.m.27 views

Ubuntu 12.04 LTS / 12.10 / 13.04 : python2.7 vulnerabilities (USN-1983-1)

Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. This issue only affected Ubuntu 13.04. CVE-2013-2099 Ryan Sleevi discovered th...

4.3CVSS7.3AI score0.05347EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2013/10/01 3:8 p.m.73 views

USN-1985-1: Python 3.3 vulnerabilities

Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. CVE-2013-2099 Ryan Sleevi discovered that Python did not properly handle...

4.3CVSS7.4AI score0.05347EPSS
Exploits1
Rows per page
Query Builder