Design/Logic Flaw

The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...

CVE-2017-7820

CVE-2017-7820 : The Firefox

CVE-2017-7831

A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "exposedProps" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox 57...

CVE-2017-7820

The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...

CVE-2017-7831

CVE-2017-7831 affects Firefox before 57. The vulnerability arises from the security wrapper not denying access to some exposed properties via the deprecated exposedProps mechanism on proxy objects. Multiple connected Nessus entries map this CVE to Firefox < 57.0 and refer to Mozilla’s mfsa2017...

CVE-2017-7820

The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...

CVE-2017-7831

A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "exposedProps" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox 57...

OpenJDK: GSS context use-after-free (JGSS, 8186212)

It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context...

Man-in-the-Middle (MitM)

mystem-wrapper is vulnerable to man-in-the-middle MitM attacks. This is because they download binary resources via HTTP, allowing MitM attacks. Also, it may potentially cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on th...

CVE-2016-10686

fis-sass-all is another libsass wrapper for node. fis-sass-all downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the...

CVE-2016-10671

mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is ...

CVE-2016-10664

mystem is a Node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if th...

CVE-2016-10671

mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is ...

Remote code execution

slimerjs-edge is a npm wrapper for installing the bleeding edge version of slimerjs. slimerjs-edge downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controll...

CVE-2016-10646

resourcehacker is a Node wrapper of Resource Hacker windows executable resource editor. resourcehacker downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...

CVE-2016-10644

slimerjs-edge is a npm wrapper for installing the bleeding edge version of slimerjs. slimerjs-edge downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controll...

Remote code execution

mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is ...

CVE-2016-10646

CVE-2016-10646 affects the Node wrapper resourcehacker, which downloads binary resources over HTTP. The underlying issue is insecure HTTP delivery, enabling MITM attackers to intercept the response and replace the requested binary with attacker-controlled code, potentially leading to remote code ...

CVE-2016-10662

CVE-2016-10662 affects the tomita node wrapper for Yandex Tomita Parser. The vulnerability arises because tomita downloads binary resources over HTTP, allowing a network-positioned attacker to perform a MITM and replace the resource with a malicious binary, potentially leading to remote code exec...

CVE-2016-10663

CVE-2016-10663 affects wixtoolset (Node wrapper around wixtoolset binaries): it downloads binary resources over HTTP, enabling MITM modification of the requested file and potentially remote code execution. Descriptions across multiple sources confirm the root cause is unencrypted HTTP downloads t...