{"id":"CVE-2020-13616","details":"The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.","modified":"2026-04-11T21:19:48.179595Z","published":"2020-05-26T23:15:11.083Z","references":[{"type":"ADVISORY","url":"https://github.com/pichi-router/pichi/releases/tag/1.3.0"},{"type":"FIX","url":"https://github.com/pichi-router/pichi/commit/4698664233bc324f26658d2b041bfe6ea022c573"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pichi-router/pichi","events":[{"introduced":"0"},{"fixed":"2916bd53d298e1143081a24974549e4367a22bac"},{"fixed":"4698664233bc324f26658d2b041bfe6ea022c573"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.3.0"}]}}],"versions":["1.0","1.0-alpha","1.0-beta","1.1-rc","1.1.0","1.2.0","1.2.0-rc","1.2.1","1.2.1-rc","1.3.0-rc"],"database_specific":{"vanir_signatures":[{"source":"https://github.com/pichi-router/pichi/commit/2916bd53d298e1143081a24974549e4367a22bac","signature_version":"v1","target":{"file":"src/net/http.cpp","function":"disconnect"},"id":"CVE-2020-13616-70dcf2cc","signature_type":"Function","deprecated":false,"digest":{"function_hash":"137337912029904505901781117209005375242","length":1035}},{"source":"https://github.com/pichi-router/pichi/commit/2916bd53d298e1143081a24974549e4367a22bac","signature_version":"v1","target":{"file":"src/net/http.cpp"},"id":"CVE-2020-13616-d7abad56","signature_type":"Line","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["69489399679128650160052406761576552415","135572112179782736437937821203965452093","83883856479767001370306109378004111995","307039956862139459933935978175831468720","102940385700334214018001557192047724272","207874256715498514481486752652131921339","49908123410616073796639104710647880963"]}}],"vanir_signatures_modified":"2026-04-11T21:19:48Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13616.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}