{"source":1095090,"name":"xmlhttprequest-ssl","dependency":"xmlhttprequest-ssl","title":"Improper Certificate Validation in xmlhttprequest-ssl","url":"https://github.com/advisories/GHSA-72mh-269x-7mh5","severity":"critical","versions":["1.5.1","1.5.2","1.5.3","1.5.4","1.5.5","1.6.0","1.6.1","1.6.2","1.6.3","2.0.0","2.1.0","2.1.1","2.1.2","3.0.0","3.1.0"],"vulnerableVersions":["1.5.1","1.5.2","1.5.3","1.5.4","1.5.5","1.6.0"],"cwe":["CWE-295"],"cvss":{"score":9.4,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},"range":"<1.6.1","id":"7GoNMxXj3bnaRXOgoiaI9NG+Y6rN2KPR1Yj2wTolJygVtO0W2b3Wxsw4I5YWa+cwS9WeQoe1dLX970ZjIk+LMA=="}