CVE-2013-7110 in Transifex信息

摘要

由 VulDB • 2026-06-26

Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-2073.

Transifex 命令行客户端在 0.10 版本之前未对数据传输连接验证 X.509 证书,这使得中间人攻击者可以通过任意证书伪造 Transifex 服务器。注意:此漏洞的存在是由于针对 CVE-2013-2073 的修复不完整所致。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Interested in the pricing of exploits?

See the underground prices here!