• caglararli@hotmail.com
  • 05386281520

CVE-2024-0397 | Python CPython up to 3.10.13/3.11.8/3.12.2/3.13.0a4 TLS Handshake cert_store_stats/get_ca_certs race condition (Issue 114572)

Çağlar Arlı      -    44 Views

CVE-2024-0397 | Python CPython up to 3.10.13/3.11.8/3.12.2/3.13.0a4 TLS Handshake cert_store_stats/get_ca_certs race condition (Issue 114572)

A vulnerability, which was classified as problematic, has been found in Python CPython up to 3.10.13/3.11.8/3.12.2/3.13.0a4. Affected by this issue is the function cert_store_stats/get_ca_certs of the component TLS Handshake Handler. The manipulation leads to race condition. This vulnerability is handled as CVE-2024-0397. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.