Description
jser-stat is a JSer.info stat library. jser-stat downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.
Remediation
References
https://github.com/jser/stat-js/blob/master/data/url-mapping.js
https://nodesecurity.io/advisories/188
Related Vulnerabilities
CVE-2021-43862 Vulnerability in npm package jquery.terminal
CVE-2022-25767 Vulnerability in maven package com.bstek.ureport:ureport2-console
CVE-2022-27263 Vulnerability in npm package strapi
CVE-2023-28155 Vulnerability in npm package request
CVE-2023-40787 Vulnerability in maven package org.springblade:blade-core-tool