EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-05-25T21:49:30

Updated: 2024-08-04T12:18:18.262Z

Reserved: 2020-05-25T00:00:00

Link: CVE-2020-13482

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-05-25T22:15:09.860

Modified: 2024-11-21T05:01:21.413

Link: CVE-2020-13482

cve-icon Redhat

Severity : Important

Publid Date: 2020-05-24T00:00:00Z

Links: CVE-2020-13482 - Bugzilla