Description
unicode-json is a unicode lookup table. unicode-json before 2.0.0 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.
Remediation
References
https://nodesecurity.io/advisories/206
Related Vulnerabilities
CVE-2018-11651 Vulnerability in maven package org.graylog2:graylog2-server
CVE-2021-23375 Vulnerability in npm package psnode
CVE-2018-14732 Vulnerability in maven package org.webjars.npm:webpack-dev-server
CVE-2017-16187 Vulnerability in npm package open-device
CVE-2020-2172 Vulnerability in maven package org.jenkins-ci.plugins:code-coverage-api