FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Python -- multiple vulnerabilities

Affected packages
python38 < 3.8.18
python39 < 3.9.18
python310 < 3.10.13
python311 < 3.11.5


VuXML ID a57472ba-4d84-11ee-bf05-000c29de725b
Discovery 2023-08-22
Entry 2023-09-07

Python reports:

gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake and included protections (like certificate verification) and treating sent unencrypted data as if it were post-handshake TLS encrypted data.


CVE Name CVE-2023-40217