Lucene search
GoogleOSV:GHSA-P6P8-Q4PJ-F74MHistoryMar 29, 2021 - 4:28 p.m.
Improper Certificate Validation in twitter-stream
2021-03-2916:28:42
Google
osv.dev
6
0.001 Low
EPSS
Percentile
30.5%
In voloko twitter-stream 0.1.16, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).
Related
prion
prion
Design/Logic Flaw
2021-02-19 23:15:00
cvelist
cvelist
CVE-2020-24392
2021-02-19 22:42:17
debiancve
debiancve
CVE-2020-24392
2021-02-19 23:15:12
veracode
veracode
Man-in-the-Middle (MitM)
2020-09-23 05:10:58
nvd
nvd
CVE-2020-24392
2021-02-19 23:15:12
ubuntucve
ubuntucve
CVE-2020-24392
2021-02-19 00:00:00
osv
osv
CVE-2020-24392
2021-02-19 23:15:12
cve
cve
CVE-2020-24392
2021-02-19 23:15:12
github
github
Improper Certificate Validation in twitter-stream
2021-03-29 16:28:42
The little bug that couldn’t: Securing OpenSSL
2021-02-25 19:00:39