CVE-2013-2073

Опубликовано: 02 мая 2014

Источник: debian

EPSS Низкий

Описание

Transifex command-line client before 0.9 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
transifex-client	fixed	0.9-1		package
transifex-client	no-dsa		wheezy	package

Примечания

http://seclists.org/oss-sec/2013/q2/394

EPSS

Процентиль: 36%

0.00152

Низкий

Связанные уязвимости

CVE-2013-2073

ubuntu

почти 12 лет назад

Transifex command-line client before 0.9 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate.

CVE-2013-2073

nvd

почти 12 лет назад

Transifex command-line client before 0.9 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate.

GHSA-7m2p-hrg9-pw87

github

больше 3 лет назад

Transifex command-line client before 0.9 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate.

EPSS

Процентиль: 36%

0.00152

Низкий