[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2013-4238":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":21,"related":22,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":34,"epss":9,"epss_history":35,"metrics":36,"affected":37},"DEBIAN-CVE-2013-4238","The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.",null,[],[],[],[14],{"_key":15},"CVE-2013-4238",[17,19],{"_key":18},"DLA-25-1",{"_key":20},"DSA-2880-1",[],[],"2013-08-18T02:52:22.943Z","2026-04-28T20:12:48.452921Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28],{"url":29,"sources":30,"tags":32},"https://security-tracker.debian.org/tracker/CVE-2013-4238",[31],"osv_debian",[33],"Advisory",[],[],[],[38],{"ecosystem":39,"name":40,"vendor":41,"product":40,"cpe_part":9,"purl_type":42,"purl_namespace":41,"purl_name":40,"source":9,"versions":43},"Debian","python2.7","debian","deb",[44],{"version":45,"is_range":46,"range_type":47,"version_start":9,"version_start_type":9,"version_end":48,"version_end_type":49,"fixed_in":9},"lt2_7_5_8",true,"ecosystem","2.7.5-8","excluding"]