CVE-2016-10610

unicode-json before 2.0.0 downloads data resources over HTTP, enabling potential MitM manipulation/read of resources and, in some advisories, remote code execution risks. The affected component is the unicode-json package (pre-2.0.0) and the remediation advised across sources is to upgrade to ver...