voloko/twitter-stream

Releases5

Frequency2 months 4 weeks

Last Release over 15 years ago

Stars234

Twitter realtime API client

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-24392 ↗	Feb 19, 2021Friday, 19 February 2021, 23:15	5.9 MEDIUM	4.3 MEDIUM
In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).