5 matches found
react-native-baidu-voice-synthesizer code execution vulnerability
react-native-baidu-voice-synthesizer is a speech synthesizer for use in Node.js. A security vulnerability exists in react-native-baidu-voice-synthesizer, which originates when the program downloads a binary file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerabilit...
CVE-2016-10697
react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources...
CVE-2016-10697
react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources...
CVE-2016-10697
react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources...
CVE-2016-10697
The vulnerability CVE-2016-10697 affects react-native-baidu-voice-synthesizer, which downloads resources over HTTP. The underlying issue is unencrypted network requests, enabling MITM interception and potential remote code execution by substituting resources with attacker-controlled copies. Multi...