EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-05-25T21:49:30
Updated: 2024-08-04T12:18:18.262Z
Reserved: 2020-05-25T00:00:00
Link: CVE-2020-13482
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-05-25T22:15:09.860
Modified: 2024-11-21T05:01:21.413
Link: CVE-2020-13482
Redhat