Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-DEBIAN9-PYTHON27-306433
- published 16 Jan 2019
- disclosed 31 Oct 2019
How to fix?
python2.7 to version 2.7.13-2+deb9u4 or higher.
Note: Versions mentioned in the description apply only to the upstream
python2.7 package and not the
python2.7 package as distributed by
How to fix? for
Debian:9 relevant fixed versions and status.
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.