9 matches found
ipip-coffee downloads Resources over HTTP
Affected versions of ipip-coffee insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decisions by an...
GHSA-M8PW-H8QJ-RGJ9 ipip-coffee downloads Resources over HTTP
Affected versions of ipip-coffee insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decisions by an...
Unspecified vulnerability in ipip-coffee
ipip-coffee is an IP database query module for Node.js. A security vulnerability exists in ipip-coffee that originates when the program downloads resources over HTTP. An attacker can exploit this vulnerability to conduct a man-in-the-middle attack, affecting the integrity and availability of data...
CVE-2016-10673
ipip-coffee queries geolocation information from IP ipip-coffee downloads geolocation resources over HTTP, which leaves it vulnerable to MITM attacks. This could impact the integrity and availability of the data being used to make geolocation decisions by an application...
Code injection
ipip-coffee queries geolocation information from IP ipip-coffee downloads geolocation resources over HTTP, which leaves it vulnerable to MITM attacks. This could impact the integrity and availability of the data being used to make geolocation decisions by an application...
CVE-2016-10673
ipip-coffee is vulnerable to MITM attacks because it downloads geolocation resources over HTTP. The root cause is unencrypted HTTP resource retrieval, which can allow an attacker with a privileged network position to modify or read resources, impacting the integrity and availability of geolocatio...
CVE-2016-10673
ipip-coffee queries geolocation information from IP ipip-coffee downloads geolocation resources over HTTP, which leaves it vulnerable to MITM attacks. This could impact the integrity and availability of the data being used to make geolocation decisions by an application...
Man In The Middle (MitM)
ipip-coffee is vulnerable to man-in-the-middle MitM attacks. It downloads geolocation resources over HTTP, which leaves it vulnerable to MitM attacks. This could impact the integrity and availability of the data being used to make geolocation decisions by an application...
Downloads Resources over HTTP
Overview Affected versions of ipip-coffee insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decision...