CVE-2016-10615
The CVE-2016-10615 issue affects the curses package, where the library downloads binary resources over HTTP. The underlying problem is insecure HTTP delivery, enabling a MitM attacker to swap the requested binary, potentially leading to remote code execution on the host. The connected advisories ...