CVE-2016-10691
CVE-2016-10691 affects the windows-seleniumjar package, which downloads the Selenium Jar over HTTP. The underlying issue is insecure binary/resource retrieval that can be intercepted in a privileged network position, enabling an attacker to swap the downloaded binary and potentially achieve remot...