Lucene search
GoogleOSV:CVE-2016-10534HistoryMay 31, 2018 - 8:29 p.m.
CVE-2016-10534
2018-05-3120:29:01
Google
osv.dev
4
electron-packager is a command line tool that packages Electron source code into .app and .exe packages. along with Electron. The --strict-ssl command line option in electron-packager >= 5.2.1 <= 6.0.0 || >=6.0.0 <= 6.0.2 defaults to false if not explicitly set to true. This could allow an attacker to perform a man in the middle attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| electron-packager | eq | 6.0.1 | |
| electron-packager | eq | 6.0.2 | |
| electron-packager | eq | 5.2.1 | |
| electron-packager | eq | 6.0.0 |
Related
prion
prion
Command injection
2018-05-31 20:29:00
nvd
nvd
CVE-2016-10534
2018-05-31 20:29:01
veracode
veracode
Man-in-the-Middle (MitM)
2016-04-23 01:22:54
cvelist
cvelist
CVE-2016-10534
2018-04-26 00:00:00
cve
cve
CVE-2016-10534
2018-05-31 20:29:01
osv
osv
SSL Validation Defaults to False in electron-packager
2019-02-18 23:58:24
nodejs
nodejs
SSL Validation Defaults to False
2016-04-21 18:27:18
github
github
SSL Validation Defaults to False in electron-packager
2019-02-18 23:58:24