Lucene search
HackeroneCVELIST:CVE-2016-10620HistoryApr 26, 2018 - 12:00 a.m.
CVE-2016-10620
2018-04-2600:00:00
CWE-311
hackerone
www.cve.org
atom-node-module-installer installs node modules for atom-shell applications. atom-node-module-installer binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server.
CNA Affected
[
{
"product": "atom-node-module-installer node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
]References
Related
nodejs
nodejs
Downloads Resources over HTTP
2016-12-01 15:36:01
osv
osv
Downloads Resources over HTTP in atom-node-module-installer
2019-02-18 23:56:53
veracode
veracode
Man-in-the-Middle (MitM)
2018-06-04 04:57:39
nvd
nvd
CVE-2016-10620
2018-06-01 18:29:01
github
github
Downloads Resources over HTTP in atom-node-module-installer
2019-02-18 23:56:53
cve
cve
CVE-2016-10620
2018-06-01 18:29:01
prion
prion
Remote code execution
2018-06-01 18:29:00