GHSA-QGFG-GVFF-523V python-glanceclient vulnerable to SSL server spoofing due to unverified X.509 certificate

The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...

Preverify_ok Value Incorrectly Checked

python-glanceclient is vulnerable to man-in-the-middle MitM attacks. This vulnerability is due to the fact that the preverifyok value is not correctly checked. This prevents the hostname from being validated with a domain name in the Common Name or SubjectAltName field of the X.509 certificate,...