CVE-2016-10631
CVE-2016-10631 affects the jvminstall module, which downloads binaries over HTTP. The root cause is insecure HTTP downloads, enabling MITM interception and the possibility of swapping the binary with a poisoned one, potentially causing remote code execution if an attacker sits between the user an...