CVE-2010-4340
published 2011-09-12CVE-2010-4340: libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access…
medium4.3CVSS 3.1
AVNACMAuNCNIPAN
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | libcloud | <= 0.4.0 | — |
| apache | libcloud | — | — |
| apache | libcloud | — | — |
| apache | libcloud | — | — |
| apache | libcloud | >= 0 < 0.5.0-1 | 0.5.0-1 |
| apache | libcloud | >= 0 < 0.5.0-1 | 0.5.0-1 |
| apache | libcloud | >= 0 < 0.5.0-1 | 0.5.0-1 |
| apache | libcloud | >= 0 < 0.5.0-1 | 0.5.0-1 |
| debian | libcloud | < libcloud 0.5.0-1 (bookworm) | libcloud 0.5.0-1 (bookworm) |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv4.3MEDIUM