4 matches found
selenium-web-checker (>=1.0.0 <=1.0.3), webdriver-sync (>=1.0.0 <=1.0.1) potentially affected by CVE-2016-10589 via selenium-binaries (>=0.11.0 <=0.13.11)
selenium-binaries NPM version =0.11.0, =1.0.0, =1.0.0, =1.0.1 Source cves: CVE-2016-10589 Source advisory: OSV:GHSA-H4MC-R4F4-HCF4...
CVE-2016-10589
selenium-binaries downloads Selenium related binaries for your OS. selenium-binaries downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if t...
CVE-2016-10589
Summary: The CVE-2016-10589 issue affects the npm package selenium-binaries, which downloads Selenium binaries over HTTP. The underlying vulnerability is a MITM risk that can lead to remote code execution if a malicious binary is swapped during transmission. The connected advisories consistently ...
CVE-2016-10589
selenium-binaries downloads Selenium related binaries for your OS. selenium-binaries downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if t...