High severityNVD Advisory· Published Sep 30, 2013· Updated Jun 16, 2026
CVE-2013-4314
CVE-2013-4314
Description
The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pyOpenSSLPyPI | < 0.13.1 | 0.13.1 |
Affected products
15cpe:2.3:a:jean-paul_calderone:pyopenssl:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:jean-paul_calderone:pyopenssl:*:*:*:*:*:*:*:*range: <=0.13
- cpe:2.3:a:jean-paul_calderone:pyopenssl:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:jean-paul_calderone:pyopenssl:0.11:*:*:*:*:*:*:*
- cpe:2.3:a:jean-paul_calderone:pyopenssl:0.11:a1:*:*:*:*:*:*
- cpe:2.3:a:jean-paul_calderone:pyopenssl:0.11:a2:*:*:*:*:*:*
- cpe:2.3:a:jean-paul_calderone:pyopenssl:0.12:*:*:*:*:*:*:*
- cpe:2.3:a:jean-paul_calderone:pyopenssl:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:jean-paul_calderone:pyopenssl:0.8:a1:*:*:*:*:*:*
- cpe:2.3:a:jean-paul_calderone:pyopenssl:0.9:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
- ghsa-coords2 versions
< 0.13.1+ 1 more
- (no CPE)range: < 0.13.1
- (no CPE)range: < 24.1.0-1.2
Patches
Vulnerability mechanics
References
10- www.ubuntu.com/usn/USN-1965-1nvdVendor AdvisoryWEB
- github.com/advisories/GHSA-6748-36qp-fx6rghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-4314ghsaADVISORY
- lists.opensuse.org/opensuse-updates/2013-11/msg00015.htmlnvdWEB
- www.debian.org/security/2013/dsa-2763nvdWEB
- www.openwall.com/lists/oss-security/2013/09/06/2nvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- github.com/pyca/pyopenssl/commit/6bbf44a00b35fb28df1f66aa194b2fe95eab1ab2ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/pyopenssl/PYSEC-2013-31.yamlghsaWEB
- mail.python.org/pipermail/pyopenssl-users/2013-September/000478.htmlnvdWEB
News mentions
0No linked articles in our index yet.