CVSS: 4.3EPSS: 5%CPEs: 12EXPL: 0CVE-2013-2099 – python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns
https://notcve.org/view.php?id=CVE-2013-2099
Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate. Vulnerabilidad de la complejidad algorítmica en la función ssl.match_hostname en Python 3.2.x, 3.3.x, y anteriores, y las versiones no especificadas de python-backports-ssl_match_hostname como las usadas por versiones anteriores de Python, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU ) a través de múltiples caracteres comodín en el nombre común en el certificado. A denial of service flaw was found in the way Python's SSL module implementation performed matching of certain certificate names. A remote attacker able to obtain a valid certificate that contained multiple wildcard characters could use this flaw to issue a request to validate such a certificate, resulting in excessive consumption of CPU. • http://bugs.python.org/issue17980 http://rhn.redhat.com/errata/RHSA-2014-1690.html http://secunia.com/advisories/55107 http://secunia.com/advisories/55116 http://www.openwall.com/lists/oss-security/2013/05/16/6 http://www.ubuntu.com/usn/USN-1983-1 http://www.ubuntu.com/usn/USN-1984-1 http://www.ubuntu.com/usn/USN-1985-1 https://access.redhat.com/errata/RHSA-2016:1166 https://bugzilla.redhat.com/show_bug.cgi?id=963260 https://access.redhat.com/ • CWE-399: Resource Management Errors CWE-407: Inefficient Algorithmic Complexity •
CVSS: 4.3EPSS: 0%CPEs: 37EXPL: 0CVE-2013-4238 – python: hostname check bypassing vulnerability in SSL module
https://notcve.org/view.php?id=CVE-2013-4238
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. La función ssl.match_hostname en el módulo SSL en Python v2.6 hasta v3.4 no manejar adecuadamente un carácter “\0” en un nombre de dominio en el campo Subject Alternative Name de un certificado X.509, lo que permite a atacantes "man-in-the-middle" suplantar servidores SSL de su elección mediante un certificado manipulado expedido por una Autoridad Certificadora legítima, un problema relacionado con CVE-2009-2408 • http://bugs.python.org/issue18709 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 3%CPEs: 9EXPL: 0CVE-2012-2135
https://notcve.org/view.php?id=CVE-2012-2135
The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive information (process memory) or cause a denial of service (memory corruption and crash) via unspecified vectors. El descodificador UTF-16 en Python v3.1 a v3.3 no actualiza la variable aligned_end después de llamar a la función unicode_decode_call_errorhandler, lo que permite a atacantes remotos obtener información sensible (la memoria del proceso) o provocar una denegación de servicio (por corrupción de memoria y caída la aplicación) a través de vectores no especificados. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670389 http://bugs.python.org/issue14579 http://secunia.com/advisories/51087 http://secunia.com/advisories/51089 http://www.openwall.com/lists/oss-security/2012/04/25/2 http://www.openwall.com/lists/oss-security/2012/04/25/4 http://www.ubuntu.com/usn/USN-1615-1 http://www.ubuntu.com/usn/USN-1616-1 •
CVSS: 6.8EPSS: 9%CPEs: 5EXPL: 2CVE-2007-4559 – python: tarfile module directory traversal
https://notcve.org/view.php?id=CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. Vulnerabilidad de salto de directorio en las funciones (1) extract y (2) extractall en el módulo tarfile en Python permite a atacantes remotos con la intervención del usuario sobrescribir archivos de su elección a través de la secuencia ..(punto punto) en nombres de archivos en archivos TAR, un asunto relacionado es CVE-2001-1267. A flaw was found in the Python tarfile module. • https://github.com/davidholiday/CVE-2007-4559 http://mail.python.org/pipermail/python-dev/2007-August/074290.html http://mail.python.org/pipermail/python-dev/2007-August/074292.html http://secunia.com/advisories/26623 http://www.vupen.com/english/advisories/2007/3022 https://bugzilla.redhat.com/show_bug.cgi?id=263261 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVBB7NU3YIRRDOKLYVN647WPRR3IAKR6 https://lists.fedoraproject.org/archives/list/package-announce • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •