oss-sec mailing list archives

Insufficient TLS Protection in Composer (PHP)


From: Pádraic Brady <padraic.brady () gmail com>
Date: Sat, 25 Apr 2015 19:49:54 +0100

May I request a CVE ID for the following, which is a publicly disclosed
unpatched vulnerability on Composer's issue tracker since 2012.
Composer is an open source package manager for PHP. The specific issue
pertaining to this request is a failure to perform TLS peer
verification on remote requests when making any API request or
retrieving any file, i.e. there is a singular client class.

Ref: https://github.com/composer/composer/issues/1074

Kind regards,
Paddy

--
Pádraic Brady
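
An added example, not part of the original post and not Composer's code: PHP stream-context options that skip TLS peer verification next to options that enforce it, with every request routed through one fetch function in the way a single client class would. The function names and the optional CA-bundle path are assumptions.

```php
<?php
// Added illustration; function names are hypothetical, not Composer's API.

/**
 * Weak setting: the handshake succeeds with any certificate, so traffic is
 * encrypted but the peer is never authenticated. PHP releases before 5.6
 * behaved this way by default for client streams.
 */
function insecureTlsOptions(): array
{
    return ['ssl' => ['verify_peer' => false, 'verify_peer_name' => false]];
}

/** Corrected setting: validate the chain and match the certificate to the host. */
function verifiedTlsOptions(?string $caFile = null): array
{
    $ssl = [
        'verify_peer'       => true,   // chain must lead to a trusted CA
        'verify_peer_name'  => true,   // certificate must name the requested host
        'allow_self_signed' => false,
        'verify_depth'      => 7,
    ];
    if ($caFile !== null) {
        if (!is_readable($caFile)) {
            throw new RuntimeException("CA bundle not readable: $caFile");
        }
        $ssl['cafile'] = $caFile;      // otherwise PHP/OpenSSL defaults apply
    }
    // Do not follow redirects, which could downgrade the request to plain http.
    return ['ssl' => $ssl, 'http' => ['follow_location' => 0]];
}

/** Single choke point for remote requests, so no caller can skip verification. */
function fetchVerified(string $url, ?string $caFile = null): string
{
    if (parse_url($url, PHP_URL_SCHEME) !== 'https') {
        throw new InvalidArgumentException("Refusing non-HTTPS URL: $url");
    }
    $context = stream_context_create(verifiedTlsOptions($caFile));
    $body = @file_get_contents($url, false, $context);
    if ($body === false) {
        // Covers network errors and rejected certificates alike: fail closed.
        throw new RuntimeException("Request failed or certificate rejected: $url");
    }
    return $body;
}
```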

