2 matches found
CVE-2016-10625
headless-browser-lite is a minimal npm installer for phantomjs and slimerjs with no external dependencies. headless-browser-lite downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested...
CVE-2016-10625
CVE-2016-10625 affects headless-browser-lite, a minimal npm installer for phantomjs/slimerjs. The vulnerability arises from downloading binary resources over HTTP, enabling an attacker on the network to perform a MITM swap of the requested binary, potentially leading to remote code execution on t...