OpenStack · python-glanceclient · CVE-2013-4111
**Name of the Vulnerable Software and Affected Versions**
python-glanceclient versions prior to 0.10.0
**Description**
The issue concerns the verification of server hostnames in the python-glanceclient library. Specifically, the library does not properly check the `preverify_ok` value, so the server hostname is not verified against a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. This oversight allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary valid certificate.
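The failure mode described above, as an added illustration that is not python-glanceclient's code: a verification callback modeled on the `depth` and `preverify_ok` arguments of a pyOpenSSL-style verify callback, with plain-Python stand-ins for certificates. It assumes the TLS library reports `preverify_ok` as the integer 1 or 0; `Cert`, `handshake`, `host_matches_cert` and both callbacks are hypothetical names.

```python
from dataclasses import dataclass, field

@dataclass
class Cert:                      # constructed stand-in for an X.509 certificate
    common_name: str
    alt_names: list = field(default_factory=list)

def host_matches_cert(host, cert):
    """Exact match of host against the CN or subjectAltName entries (no wildcards)."""
    names = {n.lower() for n in [cert.common_name, *cert.alt_names]}
    return host.lower() in names

def weak_callback(host, cert, depth, preverify_ok):
    # Defect: success arrives as the integer 1, and `1 is True` is False,
    # so the hostname branch never runs and any chain-valid leaf is accepted.
    if depth == 0 and preverify_ok is True:
        return host_matches_cert(host, cert)
    return bool(preverify_ok)

def strict_callback(host, cert, depth, preverify_ok):
    # Reject whatever chain validation already rejected, then bind the leaf to the host.
    if not preverify_ok:
        return False
    if depth == 0:
        return host_matches_cert(host, cert)
    return True

def handshake(callback, host, chain, chain_ok=1):
    """Invoke the callback once per certificate, root first and leaf (depth 0) last."""
    for depth in range(len(chain) - 1, -1, -1):
        if not callback(host, chain[depth], depth, chain_ok):
            return False
    return True

# Constructed sample chains; index 0 is the leaf certificate.
CA = Cert("Example Root CA")
GENUINE = [Cert("glance.example.org", ["glance.example.org"]), CA]
OTHER_SITE = [Cert("unrelated.example.net"), CA]   # valid chain, wrong host

if __name__ == "__main__":
    for name, cb in (("weak", weak_callback), ("strict", strict_callback)):
        print(name,
              "genuine:", handshake(cb, "glance.example.org", GENUINE),
              "other-site cert:", handshake(cb, "glance.example.org", OTHER_SITE))
```

The weak callback accepts the certificate issued for a different host because the hostname comparison is never reached; the strict one rejects it while still accepting the genuine chain.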
**Recommendations**
For versions prior to 0.10.0, update to version 0.10.0 or later to resolve the issue.