VYPR
High severity8.1NVD Advisory· Published May 29, 2018· Updated Jun 17, 2026

CVE-2016-10578

CVE-2016-10578

Description

unicode loads unicode data downloaded from unicode.org into nodejs. Unicode before 9.0.0 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
unicodenpm
< 9.0.09.0.0

Affected products

2
  • ghsa-coords
    Range: < 9.0.0
  • HackerOne/unicode node modulev5
    Range: < 9.0.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.