VDB
DEBIAN-CVE-2013-2099
DEBIAN-CVE-2013-2099
PUBLISHED
CVSS 8.199999809265137 HIGH
Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.
Risk Scores
CVSS 4.0
8.199999809265137
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | python-tornado | 0, 0, 0 |
| Debian:11 | python-urllib3 | 0, 0, 0 |
| Debian:13 | python-tornado | 0, 0, 0 |
| Debian:14 | python-urllib3 | 0, 0, 0 |
| Debian:14 | python-tornado | 0, 0, 0 |
| Debian:12 | linkchecker | 0, 0, 0 |
| Debian:11 | bzr | 0, 0, 0 |
| Debian:12 | python-urllib3 | 0, 0, 0 |
| Debian:13 | python-urllib3 | 0, 0, 0 |
| Debian:13 | bzr | 0, 0, 0 |
| Debian:11 | linkchecker | 0, 0, 0 |
| Debian:11 | python2.7 | 0, 0, 0 |
| Debian:12 | bzr | 0, 0, 0 |
| Debian:12 | python-tornado | 0, 0, 0 |
| Debian:14 | linkchecker | 0, 0, 0 |
| Debian:13 | linkchecker | 0, 0, 0 |
Timeline
- Oct 9, 2013 CVE Published
- Apr 28, 2026 CVE Updated