216.73.217.172

CVE-2024-0397

· Published 17/06/2024 16:15 · Modified 17/06/2024 18:15

Labels: CVE-2024-0397 2024-06-17CVE-2024-0397[email protected]

Essential information

Published
17/06/2024 16:15
Modified
17/06/2024 18:15
Author
Creator
CISA KEV
No
CWE

Description

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References