9 matches found
Updated ruby-em-http-request packages fix security vulnerability
Updated ruby-em-http-request packages fix security vulnerability: A flaw was found in rubygem-em-http-request. The eventmachine library does not verify the hostname in a TLS server certificate which can allow an attacker to perform a man-in-the-middle attack. The highest threat from this...
Important: Red Hat Security Advisory: rubygem-em-http-request security update
An update for rubygem-em-http-request is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 7 : rubygem-em-http-request (RHSA-2021:0937)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0937 advisory. EventMachine based, async HTTP Request client. Security Fixes: missing SSL hostname validation allows MITM CVE-2020-13482 For more details about the...
Fedora: Security Advisory for rubygem-em-http-request (FEDORA-2020-8ccd750904)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 32 : rubygem-em-http-request (2020-117f1b67fb)
Security fix for CVE-2020-13482. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
Fedora 33 : rubygem-em-http-request (2020-8ccd750904)
Security fix for CVE-2020-13482 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
CVE-2020-13482
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified...
CVE-2020-13482
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified...
CVE-2020-13482
CVE-2020-13482 affects EM-HTTP-Request (1.1.5) using EventMachine, where TLS server certificate hostname verification is not performed. This allows potential MITM attacks affecting confidentiality and integrity. Public advisories (e.g., Red Hat RHSA-2021-0937, Mageia MGASA-2021-0172) confirm the ...