CVE-2013-7040
Description
Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1150.
Risk Information
Base Score
9.1
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
0.724
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities affected in Python 3.3.5 | Windows |
| Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 Update | Mac |
| Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 Combo Update | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.1 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.2 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 2.7.1 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.0 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.0.1 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.1.1 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.1.2 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.1.3 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 2.7.1150 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 2.7.2 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 2.7.2150 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 2.7.3 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.1.4 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.1.5 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.2.2150 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.2.3 | Mac |
| Vulnerabilities CVE-2013-4238,CVE-2013-7040,CVE-2014-1912,CVE-2014-9365 are affected in Python for MAC 3.3 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.4 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.5 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.6 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-9365 are affected in Python for MAC 2.7.7 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.0 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.1 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.2 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.4 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.5 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.3.0 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.3.1 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.3.2 | Mac |
| Multiple Vulnerabilities are affected in Python for MAC 3.3.3 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.3.4 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.3.5 | Mac |
| Vulnerabilities CVE-2013-4238,CVE-2013-7040,CVE-2014-1912,CVE-2014-9365 are affected in Python for MAC 3.3 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.5 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.0 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.1 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.2 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.2.4 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.4 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.5 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-1912,CVE-2014-7185,CVE-2014-9365 are affected in Python for MAC 2.7.6 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-9365 are affected in Python for MAC 2.7.7 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.3.4 | Mac |
| Vulnerabilities CVE-2013-7040,CVE-2014-9365,CVE-2016-5636 are affected in Python for MAC 3.3.5 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-600354 | OS X Yosemite 10.10.5 Update |
| PATCH-600458 | OS X Yosemite 10.10.5 Combo Update |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
| PATCH-611773 | Python for MAC 3.13.7 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234