2 matches found
react-native-baidu-voice-synthesizer code execution vulnerability
react-native-baidu-voice-synthesizer is a speech synthesizer for use in Node.js. A security vulnerability exists in react-native-baidu-voice-synthesizer, which originates when the program downloads a binary file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerabilit...
CVE-2016-10697
react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources...