CVE-2023-48052

Опубликовано: 16 нояб. 2023

Источник: nvd

CVSS3: 7.4

EPSS Низкий

Описание

Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.

Ссылки

https://gxx777.github.io/HTTPie_3.2.2_Cryptographic_API_Misuse_Vulnerability.md
Third Party Advisory
https://gxx777.github.io/HTTPie_3.2.2_Cryptographic_API_Misuse_Vulnerability.md
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:httpie:httpie:3.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 32%

0.00122

Низкий

7.4 High

CVSS3

Дефекты

CWE-295

CWE-599

Связанные уязвимости

CVE-2023-48052

CVSS3: 7.4

ubuntu

около 2 лет назад

Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.

CVE-2023-48052

CVSS3: 7.4

debian

около 2 лет назад

Missing SSL certificate validation in HTTPie v3.2.2 allows attackers t ...

GHSA-8r96-8889-qg2x

CVSS3: 7.4

github

около 2 лет назад

HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack

EPSS

Процентиль: 32%

0.00122

Низкий

7.4 High

CVSS3

Дефекты

CWE-295

CWE-599