CVE-2016-10585
CVE-2016-10585 affects libxl bindings for Node.js. The library downloads zipped resources over HTTP, enabling MITM attacks that could allow an attacker in a privileged network position to swap the downloaded zip with a malicious one, potentially causing remote code execution on the host running l...