CVE-2020-24393
Published
CVSS v3
5.9
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack.
A simple EventMachine-based library for consuming Twitter's Streaming API.
GitHub