CVE-2013-4111

The CVE concerns the Python client library for Glance, python-glanceclient, where versions before 0.10.0 fail to properly validate the server certificate (preverify_ok), allowing MITM spoofing via an arbitrary valid X.509 certificate. Impact: potential SSL-based credential/server spoofing. The is...