{"id":"CVE-2012-3446","details":"Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.","aliases":["GHSA-prcq-52f8-fp44","PYSEC-2012-12"],"modified":"2026-04-10T03:43:12.241837Z","published":"2012-11-04T22:55:03Z","references":[{"type":"ADVISORY","url":"https://svn.apache.org/repos/asf/libcloud/trunk/CHANGES"},{"type":"EVIDENCE","url":"http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}