Description
Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.
Remediation
References
https://apidoc.gitee.com/dromara/hutool/cn/hutool/http/ssl/DefaultSSLInfo.html
https://github.com/dromara/hutool/issues/2042
Related Vulnerabilities
CVE-2020-7712 Vulnerability in npm package json
CVE-2020-35217 Vulnerability in maven package io.vertx:vertx-web
CVE-2019-10367 Vulnerability in maven package io.jenkins:configuration-as-code
CVE-2022-43432 Vulnerability in maven package org.jenkins-ci.plugins:xframium
CVE-2020-4035 Vulnerability in npm package @nozbe/watermelondb