Описание
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.5.0-1build1 |
| hardy | DNE | |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | not-affected | 0.5.0-1 |
| precise | not-affected | 0.5.0-1build1 |
| quantal | not-affected | 0.5.0-1build1 |
| raring | not-affected | 0.5.0-1build1 |
| saucy | not-affected | 0.5.0-1build1 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 40%
0.00185
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
nvd
больше 14 лет назад
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.
debian
больше 14 лет назад
libcloud before 0.4.1 does not verify SSL certificates for HTTPS conne ...
CVSS3: 7.5
github
больше 3 лет назад
Apache Libcloud does not verify SSL certificates for HTTPS connections
EPSS
Процентиль: 40%
0.00185
Низкий
4.3 Medium
CVSS2