dwebp-bin downloads Resources over HTTP

🗓️ 18 Feb 2019 23:04:57Reported by GitHub Advisory DatabaseType

dwebp-bin insecurely downloads executable over HTT

Reporter	Title	Published	Views	Family All 7
Cvelist	CVE-2016-10633	1 Jun 201818:00	–	cvelist
OSV	dwebp-bin downloads Resources over HTTP	18 Feb 201923:57	–	osv
CVE	CVE-2016-10633	1 Jun 201818:29	–	cve
Node.js	Downloads Resources over HTTP	1 Dec 201617:17	–	nodejs
Veracode	Man-in-the-Middle (MitM)	4 Jun 201805:10	–	veracode
NVD	CVE-2016-10633	1 Jun 201818:29	–	nvd
Prion	Remote code execution	1 Jun 201818:29	–	prion

Vulners

Node

dwebp\-bin_project dwebp\-binRange≤1.0.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-10633
github	www.github.com/advisories/GHSA-4pf7-579w-f4gm
npmjs	www.npmjs.com/advisories/232

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Feb 2019 23:57Current

8.1High risk

Vulners AI Score8.1

CVSS29.3

CVSS38.1

EPSS0.00546