Description
Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.
Remediation
References
https://apidoc.gitee.com/dromara/hutool/cn/hutool/http/ssl/DefaultSSLInfo.html
https://github.com/dromara/hutool/issues/2042
Related Vulnerabilities
CVE-2016-10657 Vulnerability in npm package co-cli-installer
CVE-2021-29300 Vulnerability in npm package opened
CVE-2023-40343 Vulnerability in maven package io.jenkins.plugins:tuleap-oauth
CVE-2018-15890 Vulnerability in maven package org.ethereum:ethereumj-core
CVE-2022-1330 Vulnerability in maven package org.webjars.bower:fullpage.js