Lucene search
K

GHSA-6FVW-7VCH-X489 Downloads Resources over HTTP in selenium-portal

🗓️ 18 Feb 2019 23:44:36Reported by GoogleType 
osv
 osv
🔗 osv.dev👁 16 Views

Affected versions of `selenium-portal` insecurely download an executable over an unencrypted HTTP connection. No patch is currently available for this vulnerability, and the package has not seen an update since 2014. The best mitigation is currently to avoid using this package, using a different package if available. Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network

Related
Refs
ReporterTitlePublishedViews
Family
CNVD
selenium-portal remote code execution vulnerability
15 Jun 201800:00
cnvd
CVE
CVE-2016-10667
4 Jun 201816:00
cve
Cvelist
CVE-2016-10667
4 Jun 201816:00
cvelist
EUVD
EUVD-2019-0241
7 Oct 202500:30
euvd
Github Security Blog
Downloads Resources over HTTP in selenium-portal
18 Feb 201923:44
github
Node.js
Downloads Resources over HTTP
1 Dec 201622:14
nodejs
NVD
CVE-2016-10667
4 Jun 201816:29
nvd
OSV
CVE-2016-10667
4 Jun 201816:29
osv
Prion
Remote code execution
4 Jun 201816:29
prion
Veracode
Man-in-the-Middle (MitM)
5 Jun 201803:10
veracode
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

08 Nov 2023 03:58Current
8.1High risk
Vulners AI Score8.1
CVSS 38.1
CVSS 29.3
EPSS0.01752
16