PT-2012-4719 · Apache · Apache Libcloud

Martin Georgiev +2 · Published 2012-11-04 · Updated 2024-02-14 · CVE-2012-3446

CVSS v3.1: 5.9 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Apache Libcloud versions prior to 0.11.1

Description: The issue arises from an incorrect regular expression used during the verification process of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. This allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.

Recommendations: For versions prior to 0.11.1, update to version 0.11.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of SSL connections to trusted servers until the update is applied.
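As an added illustration of the defect class described above (constructed example code, not Apache Libcloud's implementation and not its actual regular expression): a naive matcher that turns the certificate name directly into a regular expression, beside an anchored, escaped matcher that confines wildcards to the left-most label. The `naive_match`, `strict_match` and `certificate_matches` functions, and the `SAMPLE_CERT` dictionary (shaped like the dict `ssl.SSLSocket.getpeercert()` returns), are assumptions of the example.

```python
import re

# Constructed example, not Apache Libcloud's code: contrasts a naive,
# regex-built hostname matcher (the defect class in CVE-2012-3446) with an
# anchored, escaped matcher that confines wildcards to the left-most label.


def naive_match(name_in_cert: str, hostname: str) -> bool:
    """Flawed matcher, kept only to show the failure mode.

    The certificate name is used as a regular expression as-is: '.' is an
    unescaped metacharacter and the pattern is neither anchored nor limited
    in where '*' may appear, so unrelated hostnames can satisfy it.
    """
    pattern = name_in_cert.replace("*", ".*")
    return re.search(pattern, hostname, re.IGNORECASE) is not None


def strict_match(name_in_cert: str, hostname: str) -> bool:
    """Label-wise comparison in the spirit of RFC 6125 section 6.4.3.

    - case-insensitive; a trailing dot on the hostname is ignored
    - every label escaped, pattern anchored at both ends
    - '*' accepted only as the whole left-most label, matching exactly one
      label, and only when at least two more labels follow ("*.com" rejected)
    """
    if not name_in_cert or not hostname:
        return False
    cert_labels = name_in_cert.lower().split(".")
    host_labels = hostname.lower().rstrip(".").split(".")
    if len(cert_labels) != len(host_labels):
        return False
    leftmost, rest = cert_labels[0], cert_labels[1:]
    if any("*" in label for label in rest):
        return False  # wildcard outside the left-most label
    if "*" in leftmost:
        if leftmost != "*" or len(cert_labels) < 3:
            return False  # partial wildcard ("f*") or too-broad ("*.com")
        first = r"[^.]+"
    else:
        first = re.escape(leftmost)
    pattern = "^" + first + "".join(r"\." + re.escape(label) for label in rest) + "$"
    return re.match(pattern, ".".join(host_labels)) is not None


def certificate_matches(cert: dict, hostname: str, matcher=strict_match) -> bool:
    """Check the hostname against the DNS subjectAltNames; fall back to the
    subject commonName only when no DNS SAN is present (RFC 6125 section 6.4.4).
    `cert` is shaped like the dict returned by ssl.SSLSocket.getpeercert()."""
    names = [value for (kind, value) in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        for rdn in cert.get("subject", ()):
            for key, value in rdn:
                if key == "commonName":
                    names.append(value)
    return any(matcher(name, hostname) for name in names)


# Constructed certificate data for demonstration.
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "*.api.example.com")),
}

if __name__ == "__main__":
    for host in ("www.example.com", "v1.api.example.com", "wwwXexample.com",
                 "www.example.com.attacker.invalid"):
        print(f"{host:36} naive={certificate_matches(SAMPLE_CERT, host, naive_match)!s:5} "
              f"strict={certificate_matches(SAMPLE_CERT, host)}")
```

Run stand-alone, the loop shows the two matchers agreeing on the legitimate names and disagreeing on the two look-alike hostnames, which is exactly the gap a spoofed certificate exploits: the strict matcher rejects them because every label is escaped and the pattern is anchored, so neither an unescaped dot nor a missing end anchor lets a name "bleed" into an unrelated host.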

Exploit · Fix · RCE · Improper Certificate Validation

Weakness Enumeration

Related Identifiers
CVE-2012-3446
GHSA-PRCQ-52F8-FP44
PYSEC-2012-12

Affected Products
Apache Libcloud