CVE-2013-7040
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2013-7040
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1150.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Python 加密问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Python是Python软件基金会的一套开源的、面向对象的程序设计语言。该语言具有可扩展、支持模块和包、支持多种平台等特点。 Python 3.4之前的2.7版本中存在安全漏洞,该漏洞源于程序计算相同的哈希。攻击者可借助特制的请求利用该漏洞造成拒绝服务(CPU消耗)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2013-7040
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2013-7040
Please Login to view more intelligence information
- http://bugs.python.org/issue14621x_refsource_CONFIRM
- https://support.apple.com/kb/HT205031x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2013-7040
Same Patch Batch · n/a · 2014-05-19 · 27 CVEs total
| CVE-2013-6994 | OpenText Exceed onDemand 会话劫持漏洞 | |
| CVE-2014-3787 | SAP NetWeaver 信息泄露漏洞 | |
| CVE-2014-3735 | Intel Ideo Video 缓冲区溢出漏洞 | |
| CVE-2014-3717 | Xen 输入验证漏洞 | |
| CVE-2014-3716 | Xen 输入验证漏洞 | |
| CVE-2014-3715 | Xen 缓冲区溢出漏洞 | |
| CVE-2014-3714 | Xen ARM图像加载功能输入验证漏洞 | |
| CVE-2014-3411 | Juniper Networks NSM XDB服务安全漏洞 | |
| CVE-2014-1402 | Jinja2‘jinja2.bccache.FileSystemBytecodeCache’不安全文件权限漏洞 | |
| CVE-2014-0012 | Jinja2 权限许可和访问控制问题漏洞 | |
| CVE-2013-7385 | LiveZilla 加密问题漏洞 | |
| CVE-2013-7384 | UnrealIRCd 安全漏洞 | |
| CVE-2013-7033 | LiveZilla 加密问题漏洞 | |
| CVE-2013-4406 | Drupal Quick Tabs模块访问绕过漏洞 | |
| CVE-2013-6807 | OpenText Exceed OnDemand 安全绕过漏洞 | |
| CVE-2013-6806 | OpenText Exceed OnDemand 安全绕过漏洞 | |
| CVE-2013-6805 | OpenText Exceed OnDemand 信息泄露漏洞 | |
| CVE-2013-6766 | Greenbone Networks OpenVAS Administrator 身份验证绕过漏洞 | |
| CVE-2013-6765 | Greenbone Networks OpenVAS Manager 身份验证绕过漏洞 | |
| CVE-2013-6413 | UnrealIRCd 释放后重用漏洞 |
Showing top 20 of 27 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2013-7040
No comments yet