Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2014-9365
Description:The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in- the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-9365
BugTraq ID: 71639
RedHat Security Advisories: RHSA-2016:1166
RedHat Security Advisories: RHSA-2017:1162
RedHat Security Advisories: RHSA-2017:1868

© 1998-2021 E-Soft Inc. All rights reserved.