{"id":"PYSEC-2020-252","details":"The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName.","aliases":["CVE-2020-24715","GHSA-738x-v49g-p6hx"],"modified":"2023-11-08T04:03:08.555783Z","published":"2020-08-27T22:15:00Z","references":[{"type":"WEB","url":"https://scalyr-static.s3.amazonaws.com/technical-details/index.html"}],"affected":[{"package":{"name":"scalyr-agent-2","ecosystem":"PyPI","purl":"pkg:pypi/scalyr-agent-2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.1.10"}]}],"versions":["2.0.0.alpha.11","2.0.0.beta.3","2.0.1","2.0.14","2.0.15","2.0.17","2.0.2","2.0.27","2.0.37","2.0.38","2.0.39","2.0.4.1","2.0.4.2","2.0.40","2.0.41","2.0.42","2.0.43","2.0.44","2.0.45","2.0.46","2.0.47","2.0.48","2.0.49","2.0.5","2.0.50","2.0.51","2.0.52","2.0.53","2.0.54","2.0.55","2.0.56","2.0.57","2.0.58","2.0.59","2.0.6","2.0.8","2.1.1","2.1.2","2.1.3","2.1.4","2.1.5","2.1.6","2.1.7","2.1.8","2.1.9"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/scalyr-agent-2/PYSEC-2020-252.yaml"}}],"schema_version":"1.7.3"}