{"id":"CVE-2018-1000096","details":"brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. that can result in Exposes the user to man-in-the-middle attacks.","aliases":["GHSA-7h42-5vj2-cq39"],"modified":"2026-04-02T00:24:16.792220Z","published":"2018-03-13T01:29:00.907Z","references":[{"type":"ADVISORY","url":"https://github.com/brianleroux/tiny-json-http/pull/15"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/brianleroux/tiny-json-http","events":[{"introduced":"0"},{"last_affected":"fc026ea29f68d39d844d60bf729ab174110fd6d0"}],"database_specific":{"versions":[{"introduced":"1.0.0"},{"last_affected":"7.0.0"}]}}],"versions":["v5.0.0","v5.0.1","v5.0.2","v5.1.0","v5.1.1","v5.1.2","v5.2.0","v5.3.0","v5.3.1","v5.3.2","v6.0.0","v6.0.1","v6.2.0","v7.0.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000096.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}