Improper Certificate Validation
TweetStream uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack.
Advisories for Gem/Tweetstream package
2021
TweetStream uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack.