Lucene search

K

Downloads Resources over HTTP in soci

🗓️ 18 Feb 2019 23:32:44Reported by GitHub Advisory DatabaseType 
github
 github
🔗 github.com👁 15 Views

Affected versions of `soci` insecurely download an executable over an unencrypted HTTP connection. Best mitigation is to avoid using the package

Show more
Related
Detection
Refs
ReporterTitlePublishedViews
Family
osv
Downloads Resources over HTTP in soci
18 Feb 201923:44
osv
prion
Remote code execution
4 Jun 201816:29
prion
cve
CVE-2016-10669
4 Jun 201816:29
cve
nodejs
Downloads Resources over HTTP
2 Dec 201601:27
nodejs
cvelist
CVE-2016-10669
4 Jun 201816:00
cvelist
nvd
CVE-2016-10669
4 Jun 201816:29
nvd
veracode
Man-in-the-Middle (MitM)
5 Jun 201803:14
veracode
Vulners
Node
soci_projectsociRange3.2.2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
18 Feb 2019 23:44Current
5.7Medium risk
Vulners AI Score5.7
CVSS29.3
CVSS38.1
EPSS0.006
15
.json
Report