CVE-2016-10640
node-thulac, a Node binding for thulac, downloads binary resources over HTTP, making it vulnerable to MITM attacks. The available sources (NVD/NPM advisory/GHSA/OSV) describe potential remote code execution if an attacker on the network swaps the requested binary with a malicious one. Affected ve...