CVE-2016-10619
N/A
N/A
Summary
pennyworth is a natural language templating engine. pennyworth downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HackerOne | pennyworth node module | All versions | affected |
Weaknesses
- CWE-311: Missing Encryption of Sensitive Data (CWE-311)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.