CVE-2013-1909

EPSS 0.81% · P74 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-1909

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Apache Qpid Python客户端SSL证书验证信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Apache Qpid是美国阿帕奇（Apache）软件基金会开发的一款面向对象的消息中间件，它是一个AMQP（高级消息队列协议）的实现，可以和符合AMQP协议的系统进行通信，并提供了C++、Python、Java、C#等编程语言的客户端库。Qpid AMQP 0-x JMS client和Qpid JMS client都是其中的客户端组件。 Apache Qpid 2.2之前版本中的Python客户端中存在安全漏洞，该漏洞源于程序没有验证远程服务器的SSL证书。攻击者可借助任意有效的证书利用该漏洞实施中间

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2013-1909

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2013-1909

Please Login to view more intelligence information

🔗 https://issues.apache.org/jira/browse/QPID-4918x_refsource_CONFIRM
🔗 http://svn.apache.org/viewvc?view=revision&revision=1460013x_refsource_CONFIRM
🔗 http://qpid.apache.org/releases/qpid-0.22/release-notes.htmlx_refsource_CONFIRM
🔗 http://secunia.com/advisories/54137third-party-advisoryx_refsource_SECUNIA
🔗 http://secunia.com/advisories/53968third-party-advisoryx_refsource_SECUNIA
🔗 http://rhn.redhat.com/errata/RHSA-2013-1024.htmlvendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2013-1909

Same Patch Batch · n/a · 2013-08-23 · 20 CVEs total

CVE-2013-3370		Request Tracker 安全绕过漏洞
CVE-2013-5570		TYPO3 Javascript和CSS Optimizer扩展跨站脚本漏洞
CVE-2013-5569		TYPO3 Slideshare扩展SQL注入漏洞
CVE-2012-6583		Drupal Imagemenu 模块跨站脚本漏洞
CVE-2013-5587		Request Tracker 跨站脚本漏洞
CVE-2013-4172		Red Hat CloudForms Management Engine 代码注入漏洞
CVE-2013-3374		Request Tracker 信息泄露漏洞
CVE-2013-3373		Request Tracker MIME头注入安全绕过漏洞
CVE-2013-3372		Request Tracker HTTP报头注入漏洞
CVE-2013-3371		Request Tracker Attachment Filenames 跨站脚本漏洞
CVE-2011-4607		PuTTY 信息泄露漏洞
CVE-2013-3369		Request Tracker 安全绕过漏洞
CVE-2013-3368		Request Tracker 任意文件覆盖漏洞
CVE-2013-2196		Xen 远程提权漏洞
CVE-2013-2195		Xen 指针引用提权漏洞
CVE-2013-2194		Xen 远程提权漏洞
CVE-2013-1435		Cacti snmp.php和rrd.php 任意命令执行漏洞
CVE-2013-1434		Cacti 多个SQL注入漏洞
CVE-2012-4733		Request Tracker 安全绕过漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2013-1909

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2013-1909

I. Basic Information for CVE-2013-1909

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2013-1909

III. Intelligence Information for CVE-2013-1909

Same Patch Batch · n/a · 2013-08-23 · 20 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2013-1909

Leave a comment