Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2019/02/18 11:54 p.m.3 views

amaze-tdd (>=0.0.9 <=0.2.5) potentially affected by CVE-2016-10562 via iedriver (=2.53.1)

iedriver NPM version =2.53.1 is affected by a known vulnerability. The following packages have a transitive dependency on iedriver and may be impacted: - amaze-tdd =0.0.9, =0.2.5 Source cves: CVE-2016-10562 Source advisory: OSV:GHSA-JFGQ-G48X-JQ83...

9.3CVSS7.2AI score0.01682EPSS
Exploits0
OSV
OSV
added 2018/05/31 8:29 p.m.3 views

CVE-2016-10562

iedriver is an NPM wrapper for Selenium IEDriver. iedriver versions below 3.0.0 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if...

8.1CVSS6.3AI score0.01682EPSS
Exploits0References1
CVE
CVE
added 2018/05/31 8:0 p.m.79 views

CVE-2016-10562

CVE-2016-10562 affects the npm wrapper for Selenium IEDriver, iedriver . The vulnerability arises because versions below 3.0.0 download binary resources over HTTP, enabling a network-level MITM attacker to swap the requested binary with a malicious one and potentially trigger remote code executio...

9.3CVSS8.3AI score0.01682EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/05/31 8:0 p.m.32 views

CVE-2016-10562

iedriver is an NPM wrapper for Selenium IEDriver. iedriver versions below 3.0.0 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if...

8.4AI score0.01682EPSS
Exploits0References1
Rows per page
Query Builder