CVE-2013-4314 in pyOpenSSL信息

摘要

由 VulDB • 2026-07-16

pyOpenSSL 在 0.13.1 版本之前,X509Extension 未能正确处理 X.509 证书主题备用名称(Subject Alternative Name)字段中域名内的 \0 字符,这使得中间人攻击者能够通过由合法认证机构签发的、经过构造的证书来伪造任意 SSL 服务器。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!