Lucene search
GoogleOSV:PYSEC-2011-24HistorySep 12, 2011 - 12:41 p.m.
PYSEC-2011-24
2011-09-1212:41:00
Google
osv.dev
6
0.001 Low
EPSS
Percentile
48.2%
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache-libcloud | eq | 0.3.1 | |
| apache-libcloud | eq | 0.4.0 |
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=598463
mail-archives.apache.org/mod_mbox/incubator-libcloud/201009.mbox/%3C5860913.463891285776633273.JavaMail.jira@thor%3E
mail-archives.apache.org/mod_mbox/incubator-libcloud/201011.mbox/browser
wiki.apache.org/incubator/LibcloudSSL
issues.apache.org/jira/browse/LIBCLOUD-55
Related
osv
osv
Apache Libcloud does not verify SSL certificates for HTTPS connections
2022-05-17 05:39:24
nvd
nvd
CVE-2010-4340
2011-09-12 12:41:27
cve
cve
CVE-2010-4340
2022-10-03 16:21:04
github
github
Apache Libcloud does not verify SSL certificates for HTTPS connections
2022-05-17 05:39:24
cvelist
cvelist
CVE-2010-4340
2022-10-03 16:21:04
openvas
openvas
Libcloud SSL Certificates Security Bypass Vulnerability
2011-09-22 00:00:00
Libcloud SSL Certificates Security Bypass Vulnerability
2011-09-22 00:00:00
debiancve
debiancve
CVE-2010-4340
2022-10-03 16:21:04
ubuntucve
ubuntucve
CVE-2010-4340
2011-09-12 00:00:00
prion
prion
Code injection
2011-09-12 12:41:00