CVE-2016-10673
N/A
N/A
Summary
ipip-coffee queries geolocation information from IP ipip-coffee downloads geolocation resources over HTTP, which leaves it vulnerable to MITM attacks. This could impact the integrity and availability of the data being used to make geolocation decisions by an application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HackerOne | ipip-coffee node module | All versions | affected |
Weaknesses
- CWE-311: Missing Encryption of Sensitive Data (CWE-311)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.