CVE-2016-10596 in imageoptiminformación

Resumen

por MITRE

imageoptim is a Node.js wrapper for some images compression algorithms. imageoptim downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested tarball with an attacker controlled tarball if the attacker is on the network or positioned in between the user and the remote server.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

2017-10-29

Divulgación

2018-06-01

Moderación

aceptado

Artículo

VDB-118506

CPE

listo

EPSS

0.01069

KEV

no

Actividades

muy bajo

Fuentes

Want to know what is going to be exploited?

We predict KEV entries!