CVE-2018-1000096: Improper Certificate Validation
(updated )
brianleroux tiny-json-http contains a missing SSL certificate validation vulnerability. The libraries core functionality is affected, which can result in the user being exposed to man-in-the-middle attacks.
References
Detect and mitigate CVE-2018-1000096 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →