[New-bugs-announce] [issue35746] TALOS-2018-0758 Denial of Service

Cisco Talos report at bugs.python.org
Tue Jan 15 11:24:28 EST 2019

New submission from Cisco Talos <vulndev at cisco.com>:

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.

files: TALOS-2019-0758.txt
messages: 333709
nosy: Talos
priority: normal
severity: normal
status: open
title: TALOS-2018-0758 Denial of Service
type: security
versions: Python 2.7, Python 3.4, Python 3.5, Python 3.6, Python 3.7, Python 3.8
Added file: https://bugs.python.org/file48052/TALOS-2019-0758.txt

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list