[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS`

Impact

API_URLS is utilizing HTTP instead of HTTPS for communication that can lead to issues like Eavesdropping, Data Tampering, Unauthorized Data Access & MITM Attacks.

References

ISSUE
PATCH

References

g147 published to ARPSyndicate/puncia Jul 19, 2024

Published to the GitHub Advisory Database Jul 19, 2024

Reviewed Jul 19, 2024

Published by the National Vulnerability Database Jul 19, 2024

Last updated Aug 1, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Package

Affected versions

Patched versions

Description

Impact

References

References

Severity

CVSS overall score

CVSS v4 base metrics

Exploitability Metrics

Vulnerable System Impact Metrics

Subsequent System Impact Metrics

CVSS v4 base metrics

Exploitability Metrics

Vulnerable System Impact Metrics

Subsequent System Impact Metrics

EPSS score

Weaknesses

CVE ID

GHSA ID

Source code

Credits