libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libcloud | Apache | 0.3.1 | 0.3.1 |
Libcloud | Apache | 0.3.0 | 0.3.0 |
Libcloud | Apache | * | 0.4.0 |
Libcloud | Apache | 0.2.0 | 0.2.0 |