8 matches found
GHSA-H2JV-5V3F-7M7J Downloads Resources over HTTP in adamvr-geoip-lite
Affected versions of adamvr-geoip-lite insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decisions b...
Downloads Resources over HTTP in adamvr-geoip-lite
Affected versions of adamvr-geoip-lite insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decisions b...
adamvr-geoip-lite file download vulnerability
adamvr-geoip-lite is an API provided for IP geo-mapping data files. A file download vulnerability exists in adamvr-geoip-lite that originates when a program downloads geoip resources over the HTTP protocol. An attacker could use this vulnerability to read or modify the resource, affecting the...
CVE-2016-10680
adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an...
CVE-2016-10680
adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an...
CVE-2016-10680
adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an...
CVE-2016-10680
CVE-2016-10680 affects adamvr-geoip-lite, a lightweight native JavaScript GeoIP API. The underlying issue is that geoip resources are downloaded over HTTP, making them susceptible to MITM modification or reading. This can compromise the integrity and availability of geolocation data used by an ap...
Man In The Middle (MitM)
adamvr-geoip-lite is vulnerable to man-in-the-middle MitM attacks via downloading geoip resources over HTTP. This impacts the integrity and availability of this geoip data that may alter the decisions made by an application using this data...