Lucene search
GoogleOSV:CVE-2020-24392HistoryFeb 19, 2021 - 11:15 p.m.
CVE-2020-24392
2021-02-1923:15:12
Google
osv.dev
2
In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).
| CPE | Name | Operator | Version |
|---|---|---|---|
| twitter-stream | eq | 0.1.2 | |
| twitter-stream | eq | 0.1.3 | |
| twitter-stream | eq | 0.1.10 | |
| twitter-stream | eq | 0.1.0 | |
| twitter-stream | eq | 0.1.1 |
Related
debiancve
debiancve
CVE-2020-24392
2021-02-19 23:15:12
veracode
veracode
Man-in-the-Middle (MitM)
2020-09-23 05:10:58
nvd
nvd
CVE-2020-24392
2021-02-19 23:15:12
prion
prion
Design/Logic Flaw
2021-02-19 23:15:00
cvelist
cvelist
CVE-2020-24392
2021-02-19 22:42:17
ubuntucve
ubuntucve
CVE-2020-24392
2021-02-19 00:00:00
cve
cve
CVE-2020-24392
2021-02-19 23:15:12
github
github
Improper Certificate Validation in twitter-stream
2021-03-29 16:28:42
The little bug that couldn’t: Securing OpenSSL
2021-02-25 19:00:39
osv
osv
Improper Certificate Validation in twitter-stream
2021-03-29 16:28:42