CVE-2013-7110 in Transifex
摘要
由 VulDB • 2026-06-26
Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-2073.
Transifex 命令行客户端在 0.10 版本之前未对数据传输连接验证 X.509 证书,这使得中间人攻击者可以通过任意证书伪造 Transifex 服务器。注意:此漏洞的存在是由于针对 CVE-2013-2073 的修复不完整所致。
If you want to get the best quality for vulnerability data then you always have to consider VulDB.