CVE-2016-10534
CVE-2016-10534 affects electron-packager where the --strict-ssl option is defaulted to false in versions 5.2.1–6.0.0 and 6.0.0–6.0.2 unless explicitly set to true. This enables potential MITM attacks during Electron downloads for supported targets. Connected advisories corroborate the MITM risk a...