40 lines
1.2 KiB
JSON
40 lines
1.2 KiB
JSON
{
|
|
"advisory": {
|
|
"date": "2013-07-30",
|
|
"description": "Thomas Leaman from HP reported that the Python Glance client was failing to properly check certificates during the establishment of HTTPS connections. A remote attacker with access over segments of the network between client and server could potentially set up a man-in the-middle attack and access the contents of the Glance client request (or response).",
|
|
"id": "2013-018",
|
|
"title": "Missing SSL certificate check in Python glance client",
|
|
"url": "http://lists.openstack.org/pipermail/openstack/2013-July/000076.html"
|
|
},
|
|
"affects": [
|
|
{
|
|
"product": "python-glanceclient",
|
|
"version": "TODO"
|
|
}
|
|
],
|
|
"bugs": [
|
|
"1192229"
|
|
],
|
|
"notes": "",
|
|
"reporters": [
|
|
{
|
|
"company": "HP",
|
|
"name": "Thomas Leaman"
|
|
}
|
|
],
|
|
"reviews": [
|
|
"33464"
|
|
],
|
|
"schema_version": 1,
|
|
"vulnerabilities": [
|
|
{
|
|
"cve": "CVE-2013-4111",
|
|
"cvss": {
|
|
"base_score": "5.0",
|
|
"scoring_vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
|
|
},
|
|
"cwe": "TODO",
|
|
"impact": "moderate"
|
|
}
|
|
]
|
|
} |