PT-2019-20110 · Openssl+1 · Openssl+1

Published 2019-07-01 · Updated 2019-07-01

None

No severity ratings or metrics are available. When they become available, we will update the corresponding information on the page.
Name of the Vulnerable Software and Affected Versions

Python versions 3.7 and newer

Description

The issue arises from the inet_aton() function accepting trailing characters after a valid IP address, which can lead to incorrect validation of hostnames and IP addresses in certificates. This can potentially allow registration of an X.509 certificate with a hostname containing spaces. The ssl.match_hostname() function in Python is affected, although in Python 3.7 and newer, OpenSSL performs the matching, mitigating the issue. The problem is considered low severity.

Recommendations

For Python versions 3.7 and newer, consider using OpenSSL's certificate validation to minimize the risk of exploitation. As a temporary workaround, avoid using the ssl.match_hostname() function to verify hostnames and IP addresses of a certificate. Instead, rely on OpenSSL's matching functionality. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
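The following is an added example, not code from this advisory or from the Python project. It contrasts a strict whole-string IP check with what the platform's inet_aton() accepts, and builds a client context that leaves hostname and IP matching to the TLS handshake as the recommendation describes. The function names and the sample values (documentation address ranges) are assumptions made for illustration.

```python
import ipaddress
import socket
import ssl

# Constructed sample values (documentation ranges, not taken from the advisory).
SAMPLES = ["192.0.2.10", "192.0.2.10 host.example", "192.0.2.10\n",
           "2001:db8::1", "127.1"]


def is_strict_ip_literal(value: str) -> bool:
    """True only when the *entire* string is an IPv4 or IPv6 literal."""
    try:
        ipaddress.ip_address(value)
    except ValueError:
        return False
    return True


def inet_aton_accepts(value: str) -> bool:
    """Report what this platform's inet_aton() accepts (libc-dependent)."""
    try:
        socket.inet_aton(value)
    except (OSError, ValueError):
        return False
    return True


def openssl_matching_context() -> ssl.SSLContext:
    """Client context that verifies the peer name during the handshake,
    so no separate ssl.match_hostname() call is needed."""
    ctx = ssl.create_default_context()
    # These are the defaults; fail loudly if a later edit disables them.
    if not ctx.check_hostname or ctx.verify_mode != ssl.CERT_REQUIRED:
        raise RuntimeError("certificate and hostname verification must stay enabled")
    return ctx


if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample!r:28} strict={is_strict_ip_literal(sample)} "
              f"inet_aton={inet_aton_accepts(sample)}")
    ctx = openssl_matching_context()
    print("check_hostname:", ctx.check_hostname, "verify_mode:", ctx.verify_mode)
```

The inet_aton column varies by C library, which is why the strict check is the one to rely on when deciding whether a value is an IP address.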

Related identifiers

PSF-2019-13

Affected products

Openssl
Python