Lucene search
Redhat.comRH:CVE-2020-13482HistoryDec 29, 2020 - 2:59 p.m.
CVE-2020-13482
2020-12-2914:59:37
redhat.com
access.redhat.com
9
0.001 Low
EPSS
Percentile
39.5%
A flaw was found in rubygem-em-http-request. The eventmachine library does not verify the hostname in a TLS server certificate which can allow an attacker to perform a man-in-the-middle attack. The highest threat from this vulnerability is to data confidentiality and integrity.
Mitigation
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0172)
2022-01-28 00:00:00
redhat
redhat
(RHSA-2021:0937) Important: rubygem-em-http-request security update
2021-03-18 12:26:33
nessus
nessus
RHEL 7 : rubygem-em-http-request (RHSA-2021:0937)
2021-03-18 00:00:00
Fedora 32 : rubygem-em-http-request (2020-117f1b67fb)
2021-01-11 00:00:00
Fedora 33 : rubygem-em-http-request (2020-8ccd750904)
2021-01-11 00:00:00
prion
prion
Design/Logic Flaw
2020-05-25 22:15:00
fedora
fedora
[SECURITY] Fedora 32 Update: rubygem-em-http-request-1.1.7-1.fc32
2021-01-07 01:14:17
[SECURITY] Fedora 33 Update: rubygem-em-http-request-1.1.7-1.fc33
2021-01-07 01:15:42
mageia
mageia
Updated ruby-em-http-request packages fix security vulnerability
2021-04-02 23:25:05
osv
osv
CVE-2020-13482
2020-05-25 22:15:09
Improper Certificate Validation in EM-HTTP-Request
2021-05-24 18:13:13
nvd
nvd
CVE-2020-13482
2020-05-25 22:15:09
cvelist
cvelist
CVE-2020-13482
2020-05-25 21:49:30
veracode
veracode
Man-in-the-middle (MitM)
2020-06-18 06:49:23
cve
cve
CVE-2020-13482
2020-05-25 22:15:09
github
github
Improper Certificate Validation in EM-HTTP-Request
2021-05-24 18:13:13