Lucene search
K

9 matches found

Mageia
Mageia
added 2021/04/02 8:25 p.m.25 views

Updated ruby-em-http-request packages fix security vulnerability

Updated ruby-em-http-request packages fix security vulnerability: A flaw was found in rubygem-em-http-request. The eventmachine library does not verify the hostname in a TLS server certificate which can allow an attacker to perform a man-in-the-middle attack. The highest threat from this...

7.4CVSS3.3AI score0.00905EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2021/03/18 1:3 p.m.64 views

Important: Red Hat Security Advisory: rubygem-em-http-request security update

An update for rubygem-em-http-request is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.4CVSS7.2AI score0.00905EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/03/18 12:0 a.m.30 views

RHEL 7 : rubygem-em-http-request (RHSA-2021:0937)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0937 advisory. EventMachine based, async HTTP Request client. Security Fixes: missing SSL hostname validation allows MITM CVE-2020-13482 For more details about the...

7.4CVSS7.3AI score0.00905EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/01/11 12:0 a.m.17 views

Fedora: Security Advisory for rubygem-em-http-request (FEDORA-2020-8ccd750904)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.4CVSS7.5AI score0.00905EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/01/11 12:0 a.m.31 views

Fedora 32 : rubygem-em-http-request (2020-117f1b67fb)

Security fix for CVE-2020-13482. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

7.4CVSS7.2AI score0.00905EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/01/11 12:0 a.m.23 views

Fedora 33 : rubygem-em-http-request (2020-8ccd750904)

Security fix for CVE-2020-13482 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

7.4CVSS7.2AI score0.00905EPSS
Exploits1References2
NVD
NVD
added 2020/05/25 10:15 p.m.16 views

CVE-2020-13482

EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified...

7.4CVSS7.2AI score0.00905EPSS
Exploits1References4
Cvelist
Cvelist
added 2020/05/25 9:49 p.m.25 views

CVE-2020-13482

EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified...

7.1AI score0.00905EPSS
Exploits1References4
CVE
CVE
added 2020/05/25 9:49 p.m.97 views

CVE-2020-13482

CVE-2020-13482 affects EM-HTTP-Request (1.1.5) using EventMachine, where TLS server certificate hostname verification is not performed. This allows potential MITM attacks affecting confidentiality and integrity. Public advisories (e.g., Red Hat RHSA-2021-0937, Mageia MGASA-2021-0172) confirm the ...

7.4CVSS7AI score0.00905EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder