Описание
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.5.0-1build1 |
| hardy | DNE | |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | not-affected | 0.5.0-1 |
| precise | not-affected | 0.5.0-1build1 |
| quantal | not-affected | 0.5.0-1build1 |
| raring | not-affected | 0.5.0-1build1 |
| saucy | not-affected | 0.5.0-1build1 |
Показывать по
10
Ссылки на источники
4.3 Medium
CVSS2
Связанные уязвимости
nvd
больше 14 лет назад
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.
debian
больше 14 лет назад
libcloud before 0.4.1 does not verify SSL certificates for HTTPS conne ...
CVSS3: 7.5
github
больше 3 лет назад
Apache Libcloud does not verify SSL certificates for HTTPS connections
4.3 Medium
CVSS2