Medium severity5.9NVD Advisory· Published Jun 7, 2016· Updated Jun 17, 2026
CVE-2013-7440
CVE-2013-7440
Description
The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
36cpe:2.3:a:python:python:*:*:*:*:*:*:*:*+ 26 more
- cpe:2.3:a:python:python:*:*:*:*:*:*:*:*range: <=2.7.8
- cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*
- cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*
- (no CPE)range: <2.7.9, <3.3.3
- osv-coords9 versionspkg:rpm/suse/python-setuptools&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205pkg:rpm/suse/python-setuptools&distro=SUSE%20Enterprise%20Storage%201.0pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2012pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
< 1.1.7-7.1+ 8 more
- (no CPE)range: < 1.1.7-7.1
- (no CPE)range: < 1.1.7-7.1
- (no CPE)range: < 0.6c11-6.1
- (no CPE)range: < 0.6c11-6.1
- (no CPE)range: < 1.1.7-7.1
- (no CPE)range: < 1.1.7-7.1
- (no CPE)range: < 0.6c11-6.1
- (no CPE)range: < 0.6c11-6.1
- (no CPE)range: < 1.1.7-7.1
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.