CVE-2016-10608
CVE-2016-10608 affects the robot-js module used for native system automation in Node.js. The vulnerability arises because robot-js downloads binary resources over HTTP, enabling a MITM attacker in a privileged network position to intercept the response and replace the binary with a malicious one,...