{"id":"PYSEC-2012-12","details":"Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.","aliases":["CVE-2012-3446","GHSA-prcq-52f8-fp44"],"modified":"2024-01-12T20:26:41.837338Z","published":"2012-11-04T22:55:00Z","references":[{"type":"WEB","url":"http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"},{"type":"WEB","url":"https://svn.apache.org/repos/asf/libcloud/trunk/CHANGES"}],"affected":[{"package":{"name":"apache-libcloud","ecosystem":"PyPI","purl":"pkg:pypi/apache-libcloud"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.11.1"}]}],"versions":["0.10.1","0.11.0","0.3.1","0.4.0","0.4.2","0.5.0","0.5.2","0.6.1","0.6.2","0.7.1","0.8.0","0.9.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/apache-libcloud/PYSEC-2012-12.yaml"}}],"schema_version":"1.7.3"}