CVE-2024-0397 | Python CPython up to 3.10.13/3.11.8/3.12.2/3.13.0a4 TLS Handshake cert_store_stats/get_ca_certs race condition (Issue 114572)

Inserito da Angelo Barbosa | Giu 17, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Python CPython up to 3.10.13/3.11.8/3.12.2/3.13.0a4. Affected by this issue is the function cert_store_stats/get_ca_certs of the component TLS Handshake Handler. The manipulation leads to race condition.

This vulnerability is handled as CVE-2024-0397. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-0397 | Python CPython up to 3.10.13/3.11.8/3.12.2/3.13.0a4 TLS Handshake cert_store_stats/get_ca_certs race condition (Issue 114572)

Post correlati

CVE-2024-37663 | Redmi RB03 1.0.57 ICMP Redirect Message Remote Code Execution

CVE-2024-46709 | Linux Kernel up to 6.6.48/6.10.7 dma_buf buffer overflow (9a9716bbbf3d/5c12391ee1ab/50f119925091)

CVE-2023-7170 | EventON-RSVP Plugin up to 2.9.4 on WordPress cross site scripting

CVE-2024-30384 | Juniper Junos OS up to 20.4R3-S1/21.2R3-S6/21.4R3-S5 on EX4300 Packet Forwarding Engine unusual condition (JSA79186)