Filtered by vendor Apache
Subscriptions
Filtered by product Libcloud
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-6480 | 1 Apache | 1 Libcloud | 2024-11-21 | N/A |
Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM. | ||||
CVE-2012-3446 | 1 Apache | 1 Libcloud | 2024-11-21 | 5.9 Medium |
Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate. | ||||
CVE-2010-4340 | 1 Apache | 1 Libcloud | 2024-11-21 | N/A |
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack. |
Page 1 of 1.