VulnerableCode Package Details - pkg:pypi/httplib2@0.9

Search for packages

Vulnerability	Summary	Fixed by
VCID-1c79-p7ep-5ba1 Aliases: CVE-2021-21240 GHSA-93xj-8mrv-444m PYSEC-2021-16		0.19.0 Affected by 0 other vulnerabilities.
VCID-5u69-2nk5-bfga Aliases: CVE-2020-11078 GHSA-gg84-qgv9-w4pq PYSEC-2020-46		0.18.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-akc4-fv9n-q3ak Aliases: CVE-2013-2037 GHSA-q48q-77qv-cf9p PYSEC-2014-81	httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.	0.10.1 Affected by 0 other vulnerabilities. 0.10.3 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-1c79-p7ep-5ba1
Aliases:
CVE-2021-21240
GHSA-93xj-8mrv-444m
PYSEC-2021-16

0.19.0
Affected by 0 other vulnerabilities.

VCID-5u69-2nk5-bfga
Aliases:
CVE-2020-11078
GHSA-gg84-qgv9-w4pq
PYSEC-2020-46

0.18.0
Affected by 1 other vulnerability.

VCID-akc4-fv9n-q3ak
Aliases:
CVE-2013-2037
GHSA-q48q-77qv-cf9p
PYSEC-2014-81

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

0.10.1
Affected by 0 other vulnerabilities.

0.10.3
Affected by 2 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-akc4-fv9n-q3ak	httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.	CVE-2013-2037 GHSA-q48q-77qv-cf9p PYSEC-2014-81

Vulnerability

Summary

Aliases

VCID-akc4-fv9n-q3ak

CVE-2013-2037
GHSA-q48q-77qv-cf9p
PYSEC-2014-81

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T08:51:11.336161+00:00	GHSA Importer	Affected by	VCID-akc4-fv9n-q3ak	https://github.com/advisories/GHSA-q48q-77qv-cf9p	38.6.0
2026-06-12T18:11:45.256982+00:00	GitLab Importer	Affected by	VCID-akc4-fv9n-q3ak	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/httplib2/CVE-2013-2037.yml	38.6.0
2026-06-12T17:33:14.492029+00:00	GitLab Importer	Affected by	VCID-1c79-p7ep-5ba1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/httplib2/CVE-2021-21240.yml	38.6.0
2026-06-12T17:20:51.706387+00:00	GitLab Importer	Affected by	VCID-5u69-2nk5-bfga	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/httplib2/CVE-2020-11078.yml	38.6.0
2026-06-12T04:05:16.721758+00:00	Pypa Importer	Affected by	VCID-1c79-p7ep-5ba1	https://github.com/pypa/advisory-database/blob/main/vulns/httplib2/PYSEC-2021-16.yaml	38.6.0
2026-06-12T04:03:36.840728+00:00	Pypa Importer	Affected by	VCID-5u69-2nk5-bfga	https://github.com/pypa/advisory-database/blob/main/vulns/httplib2/PYSEC-2020-46.yaml	38.6.0
2026-06-12T04:00:40.776140+00:00	Pypa Importer	Fixing	VCID-akc4-fv9n-q3ak	https://github.com/pypa/advisory-database/blob/main/vulns/httplib2/PYSEC-2014-81.yaml	38.6.0
2026-06-11T20:47:14.600719+00:00	PyPI Importer	Affected by	VCID-1c79-p7ep-5ba1	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:45:32.514995+00:00	PyPI Importer	Affected by	VCID-5u69-2nk5-bfga	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:42:03.314181+00:00	PyPI Importer	Fixing	VCID-akc4-fv9n-q3ak	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0