CVE-2022-2996

EPSS 0.5%CWE-295

A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.

Affected products

n/a · python-scciclient

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://lists.debian.org/debian-lts-announce/2022/11/msg00006.html https://opendev.org/x/python-scciclient/commit/274dca0344b65b4ac113d3271d21c17e970a636c