Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-2191

Published: 08/02/2014 Updated: 30/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Python Bugzilla Project

Vulnerability Summary

python-bugzilla prior to 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle malicious users to spoof Bugzilla servers via a crafted certificate.

Vulnerable Product Search on Vulmon Subscribe to Product

python bugzilla project python-bugzilla

python bugzilla project python-bugzilla 0.7.0

python bugzilla project python-bugzilla 0.6.2

python bugzilla project python-bugzilla 0.6.1

python bugzilla project python-bugzilla 0.6.0

opensuse opensuse 12.3

opensuse opensuse 12.2

fedoraproject fedora 18

fedoraproject fedora 17

opensuse opensuse 11.4

References

CWE-20http://lists.opensuse.org/opensuse-updates/2013-07/msg00026.htmlhttp://www.openwall.com/lists/oss-security/2013/06/19/6https://git.fedorahosted.org/cgit/python-bugzilla.git/commit/?id=a782282ee479ba4cc1b8b1d89700ac630ba83eefhttps://lists.fedorahosted.org/pipermail/python-bugzilla/2013-June/000104.htmlhttp://lists.opensuse.org/opensuse-updates/2013-07/msg00025.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=951594https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook