Hostname check bypassing vulnerability in SSL client (CVE-2013-4073) Posted by nahi on 27 Jun 2013 A vulnerability in Ruby’s SSL client that could allow man-in-the-middle attackers to spoof SSL servers via valid certificate issued by a trusted certification authority. This vulnerability has been assigned the CVE identifier CVE-2013-4073. Summary Ruby’s SSL client implements hostname identity check