Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.5 views

SUSE CVE-2013-2037

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...

2.6CVSS6.9AI score0.01324EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:29 a.m.18 views

Security Bulletin: Vulnerability in Python-httplib2 affects PowerKVM (CVE-2013-2037)

Summary PowerKVM is affected by a vulnerability in python-httplib2. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2013-2037 DESCRIPTION: The python-httplib2 could allow a remote attacker to obtain sensitive information, caused by the improper validation of https certificates. ...

2.6CVSS0.3AI score0.01324EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.15 views

Fedora Update for python-httplib2 FEDORA-2015-5503

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.6CVSS6.5AI score0.01324EPSS
Exploits1References2
OSV
OSV
added 2014/01/18 9:55 p.m.1 views

DEBIAN-CVE-2013-2037

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...

2.6CVSS6.9AI score0.01324EPSS
Exploits1References1
OSV
OSV
added 2014/01/18 9:55 p.m.5 views

CVE-2013-2037

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...

6.2AI score
Exploits0References11
CVE
CVE
added 2014/01/18 9:0 p.m.77 views

CVE-2013-2037

CVE-2013-2037 affects the Python HTTP client library httplib2 versions up to 0.7.2/0.8 and earlier. Root cause: after the initial connection, the client does not verify that the server hostname matches the CN or subjectAltName in the server's X.509 certificate, enabling MITM via an arbitrary vali...

2.6CVSS6.3AI score0.01324EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2014/01/18 9:0 p.m.36 views

CVE-2013-2037

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...

6.1AI score0.01324EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2014/01/18 9:0 p.m.21 views

CVE-2013-2037

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...

2.6CVSS6.2AI score0.01324EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/05/28 12:0 a.m.21 views

Mandriva Linux Security Advisory : python-httplib2 (MDVSA-2013:168)

Updated python-httplib2 packages fix security vulnerability : httplib2 only validates SSL certificates on the first request to a connection, and doesn't report validation failures on subsequent requests CVE-2013-2037. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

2.6CVSS5.4AI score0.01324EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2013/05/02 12:0 a.m.21 views

CVE-2013-2037

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...

2.6CVSS5.9AI score0.01324EPSS
Exploits1References2
Rows per page
Query Builder