MidnightBSD

Advisories for python_bugzilla_project

CVE-2013-2191 MEDIUM

python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
python_bugzilla_project python-bugzilla *
python_bugzilla_project python-bugzilla 0.7.0
fedoraproject fedora 18
python_bugzilla_project python-bugzilla 0.6.2
python_bugzilla_project python-bugzilla 0.6.1
python_bugzilla_project python-bugzilla 0.6.0
fedoraproject fedora 17
opensuse opensuse 11.4
opensuse opensuse 12.3