CVE-2023-48052

HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack in pypi/httpie

Identifiers

CVE-2023-48052, GHSA-8r96-8889-qg2x

Package Slug

pypi/httpie

Vulnerability

HTTPie allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack

Description

Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.

Affected Versions

All versions up to 3.2.2

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-11-17

source