CVE-2023-48052

Name
CVE-2023-48052
Description
Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://gxx777.github.io/HTTPie_3.2.2_Cryptographic_API_Misuse_Vulnerability.md

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:httpie:httpie:3.2.2:*:*:*:*:*:*:* httpie == None == 3.2.2

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
httpie edge-community 3.2.2-r0 Fabian Affolter <fabian@affolter-engineering.ch> possibly vulnerable
httpie 3.19-community 3.2.2-r0 Fabian Affolter <fabian@affolter-engineering.ch> possibly vulnerable