High severityNVD Advisory· Published Sep 12, 2011· Updated Jun 16, 2026
CVE-2010-4340
CVE-2010-4340
Description
libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
apache-libcloudPyPI | < 0.4.0 | 0.4.0 |
Affected products
5Patches
Vulnerability mechanics
References
11- github.com/advisories/GHSA-w3j6-8j34-q43xghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2010-4340ghsaADVISORY
- bugs.debian.org/cgi-bin/bugreport.cginvdWEB
- mail-archives.apache.org/mod_mbox/incubator-libcloud/201009.mbox/%3C5860913.463891285776633273.JavaMail.jira@thor%3EghsaWEB
- mail-archives.apache.org/mod_mbox/incubator-libcloud/201011.mbox/browsernvdWEB
- wiki.apache.org/incubator/LibcloudSSLnvdWEB
- bugs.python.org/issue1589ghsaWEB
- github.com/apache/libcloud/commit/87ee61e6ba03a43dcefea2ce180988bec066b6fdghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/apache-libcloud/PYSEC-2011-24.yamlghsaWEB
- issues.apache.org/jira/browse/LIBCLOUD-55nvdWEB
- mail-archives.apache.org/mod_mbox/incubator-libcloud/201009.mbox/%3C5860913.463891285776633273.JavaMail.jira%40thor%3Envd
News mentions
0No linked articles in our index yet.