Lucene search
GoogleOSV:GHSA-P6P8-Q4PJ-F74MHistoryMar 29, 2021 - 4:28 p.m.
Improper Certificate Validation in twitter-stream
2021-03-2916:28:42
Google
osv.dev
7
certificate validation
twitter-stream
attack
eventmachine
EPSS
0.001
Percentile
30.3%
In voloko twitter-stream 0.1.16, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).
Related
debiancve
debiancve
CVE-2020-24392
2021-02-19 23:15:12
veracode
veracode
Man-in-the-Middle (MitM)
2020-09-23 05:10:58
nvd
nvd
CVE-2020-24392
2021-02-19 23:15:12
ubuntucve
ubuntucve
CVE-2020-24392
2021-02-19 00:00:00
osv
osv
CVE-2020-24392
2021-02-19 23:15:12
github
github
Improper Certificate Validation in twitter-stream
2021-03-29 16:28:42
The little bug that couldn’t: Securing OpenSSL
2021-02-25 19:00:39
cve
cve
CVE-2020-24392
2021-02-19 23:15:12
rubygems
rubygems
Improper Certificate Validation in twitter-stream
2021-03-28 21:00:00
prion
prion
Design/Logic Flaw
2021-02-19 23:15:00
cvelist
cvelist
CVE-2020-24392
2021-02-19 22:42:17