VYPR

npm package

dectalk-tts

pkg:npm/dectalk-tts

Vulnerabilities (1)

  • CVE-2024-31206HigApr 4, 2024
    affected >= 1.0.0, < 1.0.1fixed 1.0.1

    dectalk-tts is a Node package to interact with the aeiou Dectalk web API. In `dectalk-tts@1.0.0`, network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic can be easily intercepted and modified by attackers. Anyone who uses the package