5 matches found
RHEL 8 : python27:2.7 (RHSA-2023:5990)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5990 advisory. Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types...
PSF-2016-1 ssl.match_hostname() IDNA issue
The ssl.matchhostname function in CPython aka Python before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate...
DEBIAN-CVE-2013-2099
Algorithmic complexity vulnerability in the ssl.matchhostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-sslmatchhostname as used for older Python versions, allows remote attackers to cause a denial of service CPU consumption via multiple wildcard...
CVE-2013-2099
Algorithmic complexity vulnerability in the ssl.matchhostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-sslmatchhostname as used for older Python versions, allows remote attackers to cause a denial of service CPU consumption via multiple wildcard...
PT-2013-4915 · Python +3 · Python +3
Name of the Vulnerable Software and Affected Versions: Python versions 2.6 through 3.4 Description: The issue arises from the ssl.match hostname function in the SSL module, which fails to properly handle a '0' character in a domain name in the Subject Alternative Name field of an X.509 certificat...