Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-0397

HIGH
Published 2024-06-17T15:09:40.896Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-0397. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
7.4
/10
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.004
probability
of exploitation in the wild

There is a 0.4% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.594
Higher than 59.4% of all CVEs

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
NONE
Availability
HIGH

Description

A defect was discovered in the Python “ssl” module where there is a memory
race condition with the ssl.SSLContext methods “cert_store_stats()” and
“get_ca_certs()”. The race condition can be triggered if the methods are
called at the same time as certificates are loaded into the SSLContext,
such as during the TLS handshake with a certificate directory configured.
This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Python Software Foundation

CPython

Affected Versions:

0 3.9.0 3.10.0 3.11.0 3.12.0 3.13.0a1
python_software_foundation

cpython

Affected Versions:

0 3.9.0 3.10.0 3.11.0 3.12.0 3.13.0a1

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-xhf3-pp4q-gxh5

Advisory Details

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-0397
WEB https://github.com/python/cpython/issues/114572
WEB https://github.com/python/cpython/pull/114573
WEB https://github.com/python/cpython/commit/01c37f1d0714f5822d34063ca7180b595abf589d
WEB https://github.com/python/cpython/commit/29c97287d205bf2f410f4895ebce3f43b5160524
WEB https://github.com/python/cpython/commit/37324b421b72b7bc9934e27aba85d48d4773002e
WEB https://github.com/python/cpython/commit/542f3272f56f31ed04e74c40635a913fbc12d286
WEB https://github.com/python/cpython/commit/b228655c227b2ca298a8ffac44d14ce3d22f6faa
WEB https://github.com/python/cpython/commit/bce693111bff906ccf9281c22371331aaff766ab
WEB https://mail.python.org/archives/list/[email protected]/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP
WEB https://security.netapp.com/advisory/ntap-20250411-0006
WEB http://www.openwall.com/lists/oss-security/2024/06/17/2

Advisory provided by GitHub Security Advisory Database. Published: June 17, 2024, Modified: April 12, 2025

References

https://github.com/python/cpython/issues/114572
https://github.com/python/cpython/pull/114573
https://mail.python.org/archives/list/[email protected]/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/
https://github.com/python/cpython/commit/01c37f1d0714f5822d34063ca7180b595abf589d
https://github.com/python/cpython/commit/29c97287d205bf2f410f4895ebce3f43b5160524
https://github.com/python/cpython/commit/37324b421b72b7bc9934e27aba85d48d4773002e
https://github.com/python/cpython/commit/542f3272f56f31ed04e74c40635a913fbc12d286
https://github.com/python/cpython/commit/b228655c227b2ca298a8ffac44d14ce3d22f6faa
https://github.com/python/cpython/commit/bce693111bff906ccf9281c22371331aaff766ab
http://www.openwall.com/lists/oss-security/2024/06/17/2
Published: 2024-06-17T15:09:40.896Z
Last Modified: 2025-04-11T22:03:13.624Z
Copied to clipboard!