GHSA-C2VR-2C89-PH88 Downloads Resources over HTTP in node-bsdiff-android

Affected versions of node-bsdiff-android insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and depends on th...

Downloads Resources over HTTP in node-bsdiff-android

Affected versions of node-bsdiff-android insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and depends on th...

Unspecified vulnerability in node-bsdiff-android

node-bsdiff-android is a differential upgrade tool for Android applications. A security vulnerability exists in node-bsdiff-android that originates when the program downloads binary resources over the HTTP protocol. An attacker can exploit the vulnerability to modify or read the downloaded...

CVE-2016-10641

node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks...

Code injection

node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks...

CVE-2016-10641

node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks...

CVE-2016-10641

node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks...

CVE-2016-10641

CVE-2016-10641 affects the Android package node-bsdiff-android , where resources are downloaded over HTTP. The underlying vulnerability allows an attacker with network access to modify or read downloaded resources, creating potential for data exposure and, in some scenarios, remote code execution...