VYPR
Critical severityNVD Advisory· Published Feb 18, 2014· Updated Jun 17, 2026

CVE-2013-6396

CVE-2013-6396

Description

The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
python-swiftclientPyPI
>= 1.0, < 2.02.0

Affected products

35
  • OpenStack/Swift34 versions
    cpe:2.3:a:openstack:swift:1.0.0:*:*:*:*:*:*:*+ 33 more
    • cpe:2.3:a:openstack:swift:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.2.0:gamma1:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.3.0:gamma1:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.3.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.8.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.8.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:openstack:swift:1.9.0:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 1.0, < 2.0

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.