Description

Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.

Remediation

References

CVE-2013-2099

Related Vulnerabilities

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43500)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Open Redirect (2.0.5)

WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Unspecified Vulnerability (4.8.2)

Oracle Database Server CVE-2006-5340 Vulnerability (CVE-2006-5340)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4029)

Severity

Medium

Classification

CVE-2013-2099

Tags

Missing Update Known Vulnerabilities