DEBIAN-CVE-2019-5010

DEBIAN-CVE-2019-5010 PUBLISHED CVSS 7.5 HIGH

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	python2.7	0, 0, 0

Exploit Intelligence

CVE-2019-5010 Exploit PoC - Python Denial of Service via Malformed X.509v3 Extension (github-poc-repo)
CVE-2019-5010 Exploit PoC - Python Denial of Service via Malformed X.509v3 Extension (github-poc)

Timeline

Oct 31, 2019 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2019-5010 advisory

Open in Interactive Console →