Lucene search
GoogleOSV:GHSA-4F68-49QQ-H392HistoryMay 24, 2021 - 6:12 p.m.
Improper certificate validation in em-imap
2021-05-2418:12:20
Google
osv.dev
10
improper certificate validation
eventmachine library
man-in-the-middle attack
tls server certificate
insecure practice
software vulnerability
EPSS
0.002
Percentile
58.5%
em-imap 0.5 and earlier use the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
Related
osv
osv
CVE-2020-13163
2020-05-19 22:15:12
cve
cve
CVE-2020-13163
2020-05-19 22:15:12
cvelist
cvelist
CVE-2020-13163
2020-05-19 21:22:57
github
github
Improper certificate validation in em-imap
2021-05-24 18:12:20
The little bug that couldn’t: Securing OpenSSL
2021-02-25 19:00:39
prion
prion
Code injection
2020-05-19 22:15:00
veracode
veracode
Man-in-the-Middle (MitM)
2020-05-21 06:55:17
huntr
huntr
in conradirwin/em-imap
2020-05-27 00:00:00
rubygems
rubygems
Improper certificate validation in em-imap
2021-05-23 21:00:00
nvd
nvd
CVE-2020-13163
2020-05-19 22:15:12