CVE-2013-2255

Опубликовано: 01 нояб. 2019

Источник: debian

Описание

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
keystone	fixed	2014.1-1		package
keystone	no-dsa		wheezy	package
swift	not-affected			package

Примечания

Fixes for keystone: https://review.openstack.org/#/c/76476/

Связанные уязвимости

CVE-2013-2255

CVSS3: 5.9

ubuntu

больше 6 лет назад

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.

CVE-2013-2255

redhat

больше 12 лет назад

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.

CVE-2013-2255

CVSS3: 5.9

nvd

больше 6 лет назад

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.

GHSA-qh2x-hpf9-cf2g

CVSS3: 5.9

github

почти 4 года назад

OpenStack Keystone and other components vulnerable to Improper Certificate Validation