Lucene search
Veracode Vulnerability DatabaseVERACODE:3208HistoryJan 03, 2017 - 6:57 a.m.
Arbitrary Code Execution Via Man-in-the-Middle (MitM)
2017-01-0306:57:02
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.002 Low
EPSS
Percentile
54.7%
npm-test-sqlite3-trunk is vulnerable to man-in-the-middle attacks. The library downloads binaries via HTTP, potentially causing a remote code execution (RCE) vulnerability exploitable by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| npm-test-sqlite3-trunk | eq | 2.2.2 |
References
Related
nodejs
nodejs
Downloads Resources over HTTP
2016-12-02 04:58:08
cve
cve
CVE-2016-10695
2018-06-04 19:29:00
prion
prion
Remote code execution
2018-06-04 19:29:00
nvd
nvd
CVE-2016-10695
2018-06-04 19:29:00
cvelist
cvelist
CVE-2016-10695
2018-04-26 00:00:00
osv
osv
Downloads Resources over HTTP in npm-test-sqlite3-trunk
2020-09-01 16:15:28
CVE-2016-10695
2018-06-04 19:29:00
github
github
Downloads Resources over HTTP in npm-test-sqlite3-trunk
2020-09-01 16:15:28