CVE-2016-10683
CVE-2016-10683 involves arcanist downloading resources over HTTP, enabling MITM interception and potential remote code execution by substituting attacker-controlled content. The connected advisories (GHSA-G7W9-VM5M-48Q8, OSV, CNVD, etc.) reiterate that affected arcanist versions insecurely fetch ...