Lucene search
PRIOn knowledge basePRION:CVE-2016-10534HistoryMay 31, 2018 - 8:29 p.m.
Command injection
2018-05-3120:29:00
PRIOn knowledge base
www.prio-n.com
electron-packager is a command line tool that packages Electron source code into .app and .exe packages. along with Electron. The --strict-ssl command line option in electron-packager >= 5.2.1 <= 6.0.0 || >=6.0.0 <= 6.0.2 defaults to false if not explicitly set to true. This could allow an attacker to perform a man in the middle attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| electron-packager | ge | 5.2.1 | |
| electron-packager | le | 6.0.2 |
Related
nvd
nvd
CVE-2016-10534
2018-05-31 20:29:01
veracode
veracode
Man-in-the-Middle (MitM)
2016-04-23 01:22:54
osv
osv
CVE-2016-10534
2018-05-31 20:29:01
SSL Validation Defaults to False in electron-packager
2019-02-18 23:58:24
cvelist
cvelist
CVE-2016-10534
2018-04-26 00:00:00
cve
cve
CVE-2016-10534
2018-05-31 20:29:01
nodejs
nodejs
SSL Validation Defaults to False
2016-04-21 18:27:18
github
github
SSL Validation Defaults to False in electron-packager
2019-02-18 23:58:24