Safety vulnerability ID: 35609
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrap_socket function in Python with the default CERT_NONE value for the cert_reqs argument.
Latest version: 4.2.2
Python REST kit
Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrap_socket function in Python with the default CERT_NONE value for the cert_reqs argument.
MLIST:[oss-security] 20150323 Re: Assign a CVE for Python's restkit Please: http://www.openwall.com/lists/oss-security/2015/03/23/7
MISC:https://github.com/benoitc/restkit/issues/140: https://github.com/benoitc/restkit/issues/140
CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1202837: https://bugzilla.redhat.com/show_bug.cgi?id=1202837
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application