VYPR
High severity · NVD Advisory · Published Sep 30, 2013 · Updated Jun 16, 2026

CVE-2013-4314

Description

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
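
The failure class described above, as an added example (not pyOpenSSL's code and not taken from the advisory): a name check that treats a SAN dNSName as a NUL-terminated string is compared with a length-aware check that rejects malformed entries. The function names, the sample certificate names and the exact-match-only policy are assumptions made for illustration.

```python
import re

# Constructed sample: raw dNSName bytes as they could appear in a SAN extension.
SAMPLE_SAN = [b"www.example.com\x00.example.net", b"api.example.com"]

# One DNS label: letters, digits, hyphen or underscore, no leading/trailing hyphen.
_LABEL = re.compile(rb"[A-Za-z0-9_](?:[A-Za-z0-9_-]{0,61}[A-Za-z0-9_])?")


def c_string_view(raw: bytes) -> bytes:
    """What NUL-terminated string handling sees: bytes before the first NUL."""
    return raw.split(b"\x00", 1)[0]


def naive_match(hostname: str, san_entries: list) -> bool:
    """Flawed check: compares the truncated view, so the suffix is ignored."""
    host = hostname.lower().encode("ascii")
    return any(c_string_view(entry).lower() == host for entry in san_entries)


def is_wellformed_dns_name(raw: bytes) -> bool:
    """Reject empty, oversized or NUL-containing names and invalid labels."""
    if not raw or len(raw) > 253 or b"\x00" in raw:
        return False
    labels = raw.rstrip(b".").split(b".")
    # A wildcard is tolerated only as the complete leftmost label.
    if labels[0] == b"*":
        labels = labels[1:]
    return bool(labels) and all(_LABEL.fullmatch(label) for label in labels)


def strict_match(hostname: str, san_entries: list) -> bool:
    """Length-aware exact match; malformed entries never reach the comparison."""
    host = hostname.lower().encode("ascii")
    return any(
        entry.lower() == host
        for entry in san_entries
        if is_wellformed_dns_name(entry)
    )


def malformed_entries(san_entries: list) -> list:
    """Entries worth logging or alerting on when a certificate is inspected."""
    return [entry for entry in san_entries if not is_wellformed_dns_name(entry)]
```

A certificate for which `malformed_entries` returns anything is best rejected outright and logged, since no legitimate dNSName contains a NUL byte.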

Affected packages

Versions sourced from the GitHub Security Advisory.

Package            Affected versions   Patched versions
pyOpenSSL (PyPI)   < 0.13.1            0.13.1

Affected products (15)

  • jean-paul_calderone:pyopenssl (9 entries)
    • cpe:2.3:a:jean-paul_calderone:pyopenssl:*:*:*:*:*:*:*:* (range: <=0.13)
    • cpe:2.3:a:jean-paul_calderone:pyopenssl:0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:jean-paul_calderone:pyopenssl:0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:jean-paul_calderone:pyopenssl:0.11:a1:*:*:*:*:*:*
    • cpe:2.3:a:jean-paul_calderone:pyopenssl:0.11:a2:*:*:*:*:*:*
    • cpe:2.3:a:jean-paul_calderone:pyopenssl:0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:jean-paul_calderone:pyopenssl:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:jean-paul_calderone:pyopenssl:0.8:a1:*:*:*:*:*:*
    • cpe:2.3:a:jean-paul_calderone:pyopenssl:0.9:*:*:*:*:*:*:*
  • canonical:ubuntu_linux (4 entries)
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
  • ghsa-coords (2 versions)
    • (no CPE) range: < 0.13.1
    • (no CPE) range: < 24.1.0-1.2
