Lucene search

CVE-2020-24393

🗓️ 19 Feb 2021 23:12:15Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 86 Views

TweetStream 2.6.1 insecurely uses eventmachine library, enabling MITM attack without TLS hostname validation

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Prion	Input validation	19 Feb 202123:15	–	prion
Veracode	Man-in-the-Middle (MitM)	23 Sep 202000:24	–	veracode
Cvelist	CVE-2020-24393	19 Feb 202122:44	–	cvelist
OSV	CVE-2020-24393	19 Feb 202123:15	–	osv
OSV	GHSA-6HRM-JQP3-64CV Improper Certificate Validation in TweetStream	13 Apr 202115:42	–	osv
NVD	CVE-2020-24393	19 Feb 202123:15	–	nvd
Github Security Blog	Improper Certificate Validation in TweetStream	13 Apr 202115:42	–	github
Github Security Blog	The little bug that couldn’t: Securing OpenSSL	25 Feb 202119:00	–	github
RubySec	Improper Certificate Validation in TweetStream	12 Apr 202121:00	–	rubygems

Nvd

Node

tweetstream_project tweetstreamMatch2.6.1ruby

Source	Link
github	www.github.com/tweetstream/tweetstream
securitylab	www.securitylab.github.com/advisories/GHSL-2020-096-tweetstream-tweetstream

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Feb 2021 23:15Current

5.7Medium risk

Vulners AI Score5.7

CVSS24.3

CVSS35.9

EPSS0.00185

CWE-295