New submission from Cisco Talos <vuln...@cisco.com>:
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. ---------- files: TALOS-2019-0758.txt messages: 333709 nosy: Talos priority: normal severity: normal status: open title: TALOS-2018-0758 Denial of Service type: security versions: Python 2.7, Python 3.4, Python 3.5, Python 3.6, Python 3.7, Python 3.8 Added file: https://bugs.python.org/file48052/TALOS-2019-0758.txt _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue35746> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com