CVE-2016-10652
N/A
N/A
Summary
prebuild-lwip is a module for comprehensive, fast, and simple image processing and manipulation. prebuild-lwip downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HackerOne | prebuild-lwip node module | All versions | affected |
Weaknesses
- CWE-311: Missing Encryption of Sensitive Data (CWE-311)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.