GHSA-7MVR-C777-76HP Playwright downloads and installs browsers without verifying the authenticity of the SSL certificate
Summary Use of curl with the -k or --insecure flag in installer scripts allows attackers to deliver arbitrary executables via Man-in-the-Middle MitM attacks. This can lead to full system compromise, as the downloaded files are installed as privileged applications. Details The following scripts in...