Python · Python · CVE-2013-7040
**Name of the Vulnerable Software and Affected Versions**
Python versions prior to 3.4
**Description**
The issue causes Python to compute hash values without properly restricting the ability to trigger hash collisions predictably. This makes it easier for attackers to cause a denial of service via crafted input to an application that maintains a hash table, resulting in CPU consumption.
**Recommendations**
For versions prior to 3.4, consider upgrading to a version that properly randomizes hash values to prevent predictable hash collisions. As a temporary workaround, consider implementing additional checks or restrictions on input to applications that maintain hash tables to minimize the risk of exploitation.