iedriver NPM wrapper for Selenium IEDriver below 3.0.0 allows MITM attack
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
NVD | CVE-2016-10562 | 31 May 201820:29 | – | nvd |
Node.js | Downloads Resources over HTTP | 30 Nov 201622:03 | – | nodejs |
Cvelist | CVE-2016-10562 | 31 May 201820:00 | – | cvelist |
Github Security Blog | Downloads Resources over HTTP in iedriver | 18 Feb 201923:54 | – | github |
Veracode | Man In The Middle (MitM) | 19 Dec 201608:43 | – | veracode |
OSV | Downloads Resources over HTTP in iedriver | 18 Feb 201923:54 | – | osv |
Prion | Remote code execution | 31 May 201820:29 | – | prion |
[
{
"product": "iedriver node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "<3.0.0"
}
]
}
]
Source | Link |
---|---|
nodesecurity | www.nodesecurity.io/advisories/174 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo