Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation in TLSSocket.prototype.setSession lib/internal/tls/wrap.js, which reuses a cached TLS session for a connection with a different servername without re-verifying the server's certificate against the new hos...