Downloads Resources over HTTP in operadriver

operadriver is a Opera Driver for Selenium. operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attack...

start-selenium (>=0.0.1 <=0.0.5) potentially affected by CVE-2016-10565 via operadriver (=0.2.2)

operadriver NPM version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on operadriver and may be impacted: - start-selenium =0.0.1, =0.0.5 Source cves: CVE-2016-10565 Source advisory: OSV:GHSA-2WRQ-WMQF-8VCC...

GHSA-2WRQ-WMQF-8VCC Downloads Resources over HTTP in operadriver

operadriver is a Opera Driver for Selenium. operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attack...

CVE-2016-10565

operadriver is a Opera Driver for Selenium. operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attack...

CVE-2016-10565

operadriver is a Opera Driver for Selenium. operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attack...

Remote code execution

operadriver is a Opera Driver for Selenium. operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attack...

CVE-2016-10565

operadriver is a Opera Driver for Selenium. operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attack...

CVE-2016-10565

CVE-2016-10565 affects operadriver (Opera Driver for Selenium). The vulnerability arises because operadriver versions below 0.2.3 download binary resources over HTTP, enabling potential MITM manipulation of the downloaded binary. The attacker could substitute the binary with a malicious one if po...

Man In The Middle (MitM)

operadriver is vulnerable to man-in-the-middle MitM attacks. This is because the library downloads binary resources via HTTP, allowing MitM attacks. It may also cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the networ...

Downloads Resources over HTTP

Overview operadriver is a Opera Driver for Selenium. operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if t...