EUVD-2018-0429

Malware in sbrugna...

grunt-images remote code execution vulnerability

grunt-images is a grunt plugin for working with images. A security vulnerability exists in grunt-images that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the requested binary with an attacker-controll...

Man-in-the-Middle(MitM)

Grunt-Images is susceptible to man-in-the-middle MitM attacks. The attacker can download binary resources via HTTP, allowing MitM attacks. Since the attacker can replace the requested binary with its controlled binary if the attacker is on the network or positioned in between the user and the...

CVE-2016-10645

grunt-images is a grunt plugin for processing images. grunt-images downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on...

CVE-2016-10645

grunt-images is a grunt plugin for processing images. grunt-images downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on...

CVE-2016-10645

grunt-images is a grunt plugin for processing images. grunt-images downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on...

CVE-2016-10645

grunt-images is affected by a vulnerability where it downloads binary resources over HTTP, enabling a man-in-the-middle attacker with network access to swap the binary and potentially trigger remote code execution. The issue is due to insecure HTTP download of executables, with high impact for co...