CVE-2020-24392 – In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to per …

Vuln ID: CVE-2020-24392

Published:  2021-02-19  23:15:12Z

Description: In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).

Source: NVD.NIST.GOV