Description
brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. that can result in Exposes the user to man-in-the-middle attacks.
Remediation
References
https://github.com/brianleroux/tiny-json-http/pull/15
Related Vulnerabilities
CVE-2016-10674 Vulnerability in npm package limbus-buildgen
CVE-2012-3451 Vulnerability in maven package org.apache.cxf:cxf-bundle-jaxrs
CVE-2023-30532 Vulnerability in maven package org.jenkinsci.plugins.spoonscript:spoonscript
CVE-2019-9844 Vulnerability in npm package simple-markdown
CVE-2020-8124 Vulnerability in maven package org.webjars.bowergithub.unshiftio:url-parse