Download
| Alert*
oval:org.secpod.oval:def:601112
It was discovered that PyOpenSSL, a Python wrapper around the OpenSSL library, does not properly handle certificates with NULL characters in the Subject Alternative Name field. A remote attacker in the position to obtain a certificate for "www.foo.org\0.example.com" from a CA that a SSL client trust ... oval:org.secpod.oval:def:701424 pyopenssl: Python wrapper around the OpenSSL library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. |