Jasonk

Name of the Vulnerable Software and Affected Versions: brianleroux tiny-json-http versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) Description: The library's core functionality is affected by a Missing SSL certificate validation issue, which can result in exposing the user to man-in-the-middle attacks. Recommendations: For versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016), at the moment, there is no information about a newer version that contains a fix for this vulnerability.