CVE-2020-24392

Published 17 days ago
Category: Other
Severity: Severe

Vulnerability in twitter-stream

In voloko twitter-stream 0.1.16, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).

CVSS Metrics
Access Vector Access Complexity Authentication Confidentiality Impact Integrity Impact Availability Impact
n/a n/a n/a n/a n/a n/a
Patched Versions

n/a

Unaffected Versions

n/a

References

n/a