Affected versions of `soci` insecurely download an executable over an unencrypted HTTP connection. Best mitigation is to avoid using the package
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
![]() | Downloads Resources over HTTP in soci | 18 Feb 201923:44 | – | osv |
![]() | Remote code execution | 4 Jun 201816:29 | – | prion |
![]() | CVE-2016-10669 | 4 Jun 201816:29 | – | cve |
![]() | Downloads Resources over HTTP | 2 Dec 201601:27 | – | nodejs |
![]() | CVE-2016-10669 | 4 Jun 201816:00 | – | cvelist |
![]() | CVE-2016-10669 | 4 Jun 201816:29 | – | nvd |
![]() | Man-in-the-Middle (MitM) | 5 Jun 201803:14 | – | veracode |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo