VYPR
High severityNVD Advisory· Published Feb 8, 2014· Updated Jun 16, 2026

CVE-2013-2191

CVE-2013-2191

Description

python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
python-bugzillaPyPI
< 0.9.00.9.0

Affected products

12
  • cpe:2.3:a:python_bugzilla_project:python-bugzilla:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:python_bugzilla_project:python-bugzilla:*:*:*:*:*:*:*:*range: <=0.8.0
    • cpe:2.3:a:python_bugzilla_project:python-bugzilla:0.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:python_bugzilla_project:python-bugzilla:0.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:python_bugzilla_project:python-bugzilla:0.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:python_bugzilla_project:python-bugzilla:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE3 versions
    cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
  • ghsa-coords2 versions
    < 0.9.0+ 1 more
    • (no CPE)range: < 0.9.0
    • (no CPE)range: < 1.2.2-1.1

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.