VYPR
High severity8.1NVD Advisory· Published May 31, 2018· Updated Jun 17, 2026

CVE-2016-10563

CVE-2016-10563

Description

During the installation process, the go-ipfs-deps module before 0.4.4 insecurely downloads resources over HTTP. This allows for a MITM attack to compromise the integrity of the resources used by this module and could allow for further compromise.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
go-ipfs-depnpm
< 0.4.40.4.4

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.