6 matches found
SUSE CVE-2025-59410
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the code in the scheduler for downloading a tiny file is hard coded to use the HTTP protocol, rather than HTTPS. This means that an attacker could perform a Man-in-the-Middle attack, changing th...
GO-2025-3974 DragonFly's tiny file download uses hard coded HTTP protocol in d7y.io/dragonfly
DragonFly's tiny file download uses hard coded HTTP protocol in d7y.io/dragonfly...
GHSA-MCVP-RPGG-9273 DragonFly's tiny file download uses hard coded HTTP protocol
Impact The code in the scheduler for downloading a tiny file is hard coded to use the HTTP protocol, rather than HTTPS. This means that an attacker could perform a Man-in-the-Middle attack, changing the network request so that a different piece of data gets downloaded. Due to the use of weak...
DragonFly's tiny file download uses hard coded HTTP protocol
Impact The code in the scheduler for downloading a tiny file is hard coded to use the HTTP protocol, rather than HTTPS. This means that an attacker could perform a Man-in-the-Middle attack, changing the network request so that a different piece of data gets downloaded. Due to the use of weak...
CVE-2025-59410
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the code in the scheduler for downloading a tiny file is hard coded to use the HTTP protocol, rather than HTTPS. This means that an attacker could perform a Man-in-the-Middle attack, changing th...
CVE-2025-59410 Dragonfly tiny file download uses hard coded HTTP protocol
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the code in the scheduler for downloading a tiny file is hard coded to use the HTTP protocol, rather than HTTPS. This means that an attacker could perform a Man-in-the-Middle attack, changing th...