VYPR

PyPI package

qpid-python

pkg:pypi/qpid-python

Vulnerabilities (1)

  • CVE-2013-1909Aug 23, 2013
    affected < 0.22fixed 0.22

    The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid cert