Lucene search
+L

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-0124

Malware in sbrugna...

5.9CVSS5.9AI score0.00413EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/17 7:57 p.m.33 views

ovirt-engine-sdk-python improper validation of hostname in x.509 certificate

ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name CN or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an...

5.9CVSS6.7AI score0.00413EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2020/01/02 6:15 p.m.19 views

CVE-2014-0161

ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name CN or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an...

5.9CVSS5.7AI score0.00413EPSS
Exploits0References2
Prion
Prion
added 2020/01/02 6:15 p.m.16 views

Code injection

ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name CN or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an...

4.3CVSS7.1AI score0.00413EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/01/02 6:15 p.m.33 views

PYSEC-2020-245

ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name CN or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an...

5.9CVSS5.8AI score0.00413EPSS
Exploits0References3
CVE
CVE
added 2020/01/02 5:30 p.m.86 views

CVE-2014-0161

The CVE-2014-0161 issue affects ovirt-engine-sdk-python prior to 3.4.0.7 and 3.5.0.4, where the client does not verify that the remote host’s certificate hostname matches the CN or subjectAltName in the TLS/SSL certificate. This incomplete hostname validation can enable man-in-the-middle attacks ...

5.9CVSS5.6AI score0.00413EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/01/02 5:30 p.m.25 views

CVE-2014-0161

ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name CN or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an...

5.7AI score0.00413EPSS
Exploits0References2
Rows per page
Query Builder