2 matches found
CVE-2017-16035
The hubl-server module is a wrapper for the HubL Development Server. During installation hubl-server downloads a set of dependencies from api.hubapi.com. It appears in the code that these files are downloaded over HTTPS however the api.hubapi.com endpoint redirects to a HTTP url. Because of this...
CVE-2017-16035
CVE-2017-16035 concerns the hubl-server module (HubL Development Server wrapper). Connected sources confirm that during installation hubl-server downloads dependencies from api.hubapi.com, which initially uses HTTPS but redirects to HTTP, enabling a man-in-the-middle to compromise installation in...