{"id":"CVE-2013-2099","details":"Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.","aliases":["PSF-2013-1"],"modified":"2026-04-16T01:45:33.041647917Z","published":"2013-10-09T14:53:20Z","withdrawn":"2026-01-27T04:12:08.832111Z","references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-1690.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/55107"},{"type":"ADVISORY","url":"http://secunia.com/advisories/55116"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-1983-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-1984-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-1985-1"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:1166"},{"type":"FIX","url":"http://bugs.python.org/issue17980"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=963260"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2013/05/16/6"}],"schema_version":"1.7.3"}