CVE-2016-10647
The CVE-2016-10647 issue affects node-air-sdk, an AIR SDK for Node.js, which downloads binary resources over HTTP. This creates a MITM risk that could allow an attacker in a privileged network position to replace the requested binary with a malicious one, potentially leading to remote code execut...