libgdata before 0.10.2 and 0.11.x before 0.11.1 does not validate SSL certificates, which allows remote attackers to obtain user names and passwords via a man-in-the-middle (MITM) attack with a spoofed certificate.
Max CVSS
5.1
EPSS Score
0.97%
Published
2012-08-26
Updated
2013-04-05
1 vulnerabilities found