CVE-2022-2996

EPSS 0.5%CWE-295

A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.

Produtos afetados

n/a · python-scciclient

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://lists.debian.org/debian-lts-announce/2022/11/msg00006.html https://opendev.org/x/python-scciclient/commit/274dca0344b65b4ac113d3271d21c17e970a636c