EPSS
Percentile
48.7%
cn.hutool:hutool-http is vulnerable to Improper certificate validation. The vulnerability exists due to the insufficient validations of TLS/SSL certificates in verify function in TrustAnyHostnameVerifierof class.
TLS/SSL
verify
TrustAnyHostnameVerifierof
apidoc.gitee.com/dromara/hutool/cn/hutool/http/ssl/DefaultSSLInfo.html
github.com/advisories/GHSA-p7w9-8mxw-p3g7
github.com/dromara/hutool/commit/cdf105589deb9b0999c7fcdf33b2b5b86b22f960
github.com/dromara/hutool/issues/2042