Averagehelper

#31309 of 53,624
8.2 Total CVSS
Vulnerabilities · 1
PT-2024-23850
8.2
2024-04-04
Unknown · Dectalk-Tts · CVE-2024-31206
**Name of the Vulnerable Software and Affected Versions**

dectalk-tts version 1.0.0

**Description**

The issue arises from the use of unencrypted HTTP for network requests to the third-party API in `dectalk-tts@1.0.0`. This allows attackers to easily intercept and modify traffic, potentially leading to man-in-the-middle (MITM) attacks. Users could be victims of such attacks, and sensitive information could be stolen if sent despite warnings. Attackers could also manipulate requests and responses, potentially returning malicious output that could endanger the user's filesystem.

**Recommendations**

For `dectalk-tts` version 1.0.0, update to version 1.0.1 to resolve the issue, as the network request was upgraded to HTTPS in this version. As a precaution, do not send any sensitive information and carefully verify the API response before saving it.