13 matches found
CVE-2020-24393
TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...
EUVD-2021-0775
Malware in sbrugna...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation. TLS hostname is not validated sufficiently. Remediation There is no fixed version for tweetstream...
GHSA-6HRM-JQP3-64CV Improper Certificate Validation in TweetStream
TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...
Improper Certificate Validation in TweetStream
TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...
Improper Certificate Validation in TweetStream
TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...
Man-in-the-Middle (MitM)
Overview Affected versions of this package are vulnerable to Man-in-the-Middle MitM due to Missing TLS hostname validation. Remediation There is no fixed version for tweetstream. References - GitHub Security Advisory - GitHub Security Advisory Credit: Agustin Gianni...
CVE-2020-24393
TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...
Input validation
TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...
CVE-2020-24393
CVE-2020-24393 affects TweetStream 2.6.1. The vulnerability arises from insecure use of the eventmachine library that omits TLS hostname validation, enabling potential man-in-the-middle attacks. Public sources (including Red Hat, OSV, MV sources) reiterate the same description and do not specify ...
CVE-2020-24393
TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...
TweetStream Trust Management Issue Vulnerability
Steve Agalloco TweetStream is an application from Steve Agallocoe Steve Agalloco, USA. Provides TweetStream provides simple Ruby access to Twitter's Streaming API. A vulnerability exists in TweetStream for trust management issues. The vulnerability stems from a failure to perform security checks ...
Man-in-the-Middle (MitM)
tweetstream is vulnerable to man-in-the-middle MitM. The vulnerability exists through the insecure usage of eventmachine, where it does not perform validation of hostnames, when initiating SSL/TLS connections...