14 matches found
EUVD-2019-0215
Malware in sbrugna...
GHSA-432J-4FW9-2G6F libsbml downloads Resources over HTTP
Affected versions of libsbml insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
libsbmlsim (>=0.0.1 <=0.0.2) potentially affected by CVE-2016-10668 via libsbml (=0.0.2)
libsbml NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on libsbml and may be impacted: - libsbmlsim =0.0.1, =0.0.2 Source cves: CVE-2016-10668 Source advisory: OSV:GHSA-432J-4FW9-2G6F...
libsbml downloads Resources over HTTP
Affected versions of libsbml insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
libsbml Remote Code Execution Vulnerability
libsbml is an open source application for reading, writing, translating and validating SBML files and data streams. A security vulnerability exists in libsbml that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the...
Man-in-the-Middle (MitM)
libsbml is vulnerable to man-in-the-middle MitM attacks. This is because they download binary resources via HTTP, allowing MitM attacks. Also, it may potentially cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the netwo...
CVE-2016-10668
libsbml is a module that installs Linux binaries for libSBML libsbml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the...
CVE-2016-10668
libsbml is a module that installs Linux binaries for libSBML libsbml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the...
Remote code execution
libsbml is a module that installs Linux binaries for libSBML libsbml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the...
CVE-2016-10668
libsbml is a module that installs Linux binaries for libSBML libsbml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the...
CVE-2016-10668
CVE-2016-10668 affects libsbml, where the installer downloads Linux binaries/resources over unencrypted HTTP, creating a MITM risk. An attacker on the network or in a position between the user and the remote server could swap requested resources with a malicious copy, potentially causing remote c...
Fedora 23 : COPASI-4.16-0.19.20150817git3bc4e9.fc23 (2015-f2d45d982b)
Hardened rebuild on Fedora 23 - Rebuilt for libsbml-5.12.0 and Python3.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 22 : COPASI-4.16-0.19.20150817git3bc4e9.fc22 (2015-5e566cf3e8)
Hardened rebuild on Fedora 23 - Rebuilt for libsbml-5.12.0 and Python3.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
[SECURITY] Fedora 23 Update: libsedml-0.3.1-4.fc23
C++ library that fully supports SED-ML Simulation Experiment Description Markup Language for SBML as well as CellML models for creation of the description just as for the execution of Simulation Experiments. This project makes use of libSBML XML layer as well as code generation as starting point ...