CVE-2010-4340: Missing Validation of OpenSSL Certificate
(updated )
libcloud does not verify SSL certificates for HTTPS connections, which allows remote attackers to spoof certificates and bypass intended access restrictions via a man-in-the-middle (MITM) attack.
References
Detect and mitigate CVE-2010-4340 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →