CVE-2013-2191 in openSUSEinfo

Summary

python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

02/19/2013

Disclosure

02/07/2014

Moderation

VulDB entry created

Entries

1: VDB-66347

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

5.3

EPSS

0.00245

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2013-2191
NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-2191
CVE Details	https://www.cvedetails.com/cve/CVE-2013-2191/

◂ Previous Overview Next ▸