Moderate severityNVD Advisory· Published Jun 1, 2018· Updated Sep 17, 2024
CVE-2016-10592
CVE-2016-10592
Description
jser-stat is a JSer.info stat library. jser-stat downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
jser-statnpm | <= 4.0.3 | — |
Affected products
1- Range: All versions
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/advisories/GHSA-5w4p-h4gm-3w26ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-10592ghsaADVISORY
- github.com/jser/stat-js/blob/master/data/url-mapping.jsghsax_refsource_MISCWEB
- nodesecurity.io/advisories/188mitrex_refsource_MISC
- www.npmjs.com/advisories/188ghsaWEB
News mentions
0No linked articles in our index yet.