
7910 matches found

CVE
added 2018/06/01 6:0 p.m. | 49 views

CVE-2016-10594

CVE-2016-10594 concerns the Node.js package ipip, which downloads data resources over HTTP from ipip.net. The root cause is insecure HTTP fetches, enabling a network attacker with position to modify or read the resources, potentially leading to information disclosure and, in some configurations, ...

CVSS: 8.1 | AI score: 7.8 | EPSS: 0.00163
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2018/06/01 6:0 p.m. | 16 views

CVE-2016-10599

sauce-connect is a Node.js wrapper over the SauceLabs SauceConnect.jar program for establishing a secure tunnel for intranet testing. sauce-connect downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping o...

AI score: 8.3 | EPSS: 0.00735
Exploits: 0 | References: 1
Cvelist
added 2018/06/01 6:0 p.m. | 18 views

CVE-2016-10596

imageoptim is a Node.js wrapper for some image compression algorithms. imageoptim downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested tarball with an attacker controlled tarball if t...

AI score: 8.3 | EPSS: 0.00765
Exploits: 0 | References: 1
CVE
added 2018/06/01 6:0 p.m. | 50 views

CVE-2016-10613

Summary (CVE-2016-10613): The bionode-sra Node.js wrapper for the SRA Toolkit downloads data over HTTP, creating susceptibility to man-in-the-middle (MitM) attacks when an attacker can position themselves on the network. The issue arises from not preventing HTTP downloads of resources (including...

CVSS: 5.9 | AI score: 5.6 | EPSS: 0.00119
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2018/06/01 6:0 p.m. | 61 views

CVE-2016-10598

CVE-2016-10598 affects the Node.js module arrayfire-js. The vulnerability arises because it downloads binary resources over HTTP, enabling MitM interception. If an attacker on the network can swap the requested binary with a malicious one, remote code execution (RCE) may be possible on the host ...

CVSS: 8.5 | AI score: 7.8 | EPSS: 0.00689
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2018/06/01 6:0 p.m. | 84 views

CVE-2016-10582

Closurecompiler (Node.js) is affected by a vulnerability where it downloads binary resources over HTTP, enabling MITM interference and potentially remote code execution if an attacker can replace the binary in transit. On the connected advisories, the issue is described for closurecompiler with t...

CVSS: 9.3 | AI score: 8.3 | EPSS: 0.00735
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2018/06/01 6:0 p.m. | 55 views

CVE-2016-10599

The CVE-2016-10599 issue affects sauce-connect (Node.js wrapper around SauceConnect.jar). It arises because sauce-connect downloads binaries over HTTP, enabling MITM tampering where an attacker between the user and the server can replace the binary, potentially causing remote code execution on th...

CVSS: 9.3 | AI score: 8.3 | EPSS: 0.00735
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2018/06/01 6:0 p.m. | 62 views

CVE-2016-10633

CVE-2016-10633 affects dwebp-bin, a Node.js wrapper for dwebp that converts WebP to PNG. The vulnerability arises because it downloads binary resources over HTTP, enabling MITM tampering. An attacker on the network could swap the requested binary with a malicious one, potentially triggering remot...

CVSS: 9.3 | AI score: 8.2 | EPSS: 0.00518
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2018/06/01 6:0 p.m. | 49 views

CVE-2016-10623

CVE-2016-10623 affects the Node.js wrapper macaca-chromedriver-zxa. The component downloads binary resources over HTTP, creating a MITM risk where an attacker on the network could replace the binary and cause remote code execution. Mitigation from advisories: force HTTPS by setting CHROMEDRIVER_C...

CVSS: 9.3 | AI score: 8.3 | EPSS: 0.00735
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2018/06/01 6:0 p.m. | 11 views

CVE-2016-10633

dwebp-bin is a dwebp Node.js wrapper that converts WebP into PNG. dwebp-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacke...

AI score: 8.3 | EPSS: 0.00518
Exploits: 0 | References: 1
Cvelist
added 2018/06/01 6:0 p.m. | 15 views

CVE-2016-10613

bionode-sra is a Node.js wrapper for SRA Toolkit. bionode-sra downloads data resources over HTTP, which leaves it vulnerable to MITM attacks...

AI score: 5.7 | EPSS: 0.00119
Exploits: 0 | References: 1
CVE
added 2018/06/01 6:0 p.m. | 41 views

CVE-2016-10575

CVE-2016-10575 affects the kindlegen Node.js wrapper. Versions before 1.1.0 download binary resources over HTTP, which makes them vulnerable to man‑in‑the‑middle attacks. An attacker on the network or between the user and the remote server could swap the requested binary with a malicious one, pot...

CVSS: 9.3 | AI score: 8.2 | EPSS: 0.00735
Exploits: 0 | References: 1 | Affected Software: 1
Hacker One
added 2018/06/01 9:15 a.m. | 127 views

Node.js third-party modules: [markdown-pdf] Local file reading

I would like to report local file reading in markdown-pdf. It allows to insert a malicious html code, which allows to read the local files. Module module name: markdown-pdf version: 8.1.1 npm page: https://www.npmjs.com/package/markdown-pdf Module Description Node module that converts Markdown fil...

CVSS: 2.1 | AI score: 5.2 | EPSS: 0.00083
Exploits: 1
NVD
added 2018/05/31 8:29 p.m. | 9 views

CVE-2016-10557

appium-chromedriver is a Node.js wrapper around Chromedriver. Versions below 2.9.4 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary...

CVSS: 8.1 | AI score: 8.3 | EPSS: 0.00765
Exploits: 0 | References: 1
NVD
added 2018/05/31 8:29 p.m. | 11 views

CVE-2016-10571

bkjs-wand is imagemagick wand support for node.js and backendjs. bkjs-wand versions lower than 0.3.2 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controll...

CVSS: 9.3 | AI score: 8.4 | EPSS: 0.00735
Exploits: 0 | References: 1
OSV
added 2018/05/31 8:29 p.m. | 9 views

CVE-2016-10557

appium-chromedriver is a Node.js wrapper around Chromedriver. Versions below 2.9.4 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary...

CVSS: 8.1 | AI score: 8.6
Exploits: 0 | References: 1
OSV
added 2018/05/31 8:29 p.m. | 15 views

CVE-2016-10536

engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. The vulnerability is related to the way that node.js handles the rejectUnauthorized setting. If the value is something that evaluates ...

CVSS: 5.9 | AI score: 5.9
Exploits: 0 | References: 3
NVD
added 2018/05/31 8:29 p.m. | 21 views

CVE-2016-10539

negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlier, is vulnerable to Regular Expression Denial of Service via a specially crafted string...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.00328
Exploits: 0 | References: 1
NVD
added 2018/05/31 8:29 p.m. | 8 views

CVE-2016-10536

engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. The vulnerability is related to the way that node.js handles the rejectUnauthorized setting. If the value is something that evaluates ...

CVSS: 5.9 | AI score: 5.7 | EPSS: 0.00225
Exploits: 0 | References: 3
OSV
added 2018/05/31 8:29 p.m. | 20 views

CVE-2016-10539

negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlier, is vulnerable to Regular Expression Denial of Service via a specially crafted string...

CVSS: 7.5 | AI score: 7.7
Exploits: 0 | References: 1