High severity8.1NVD Advisory· Published Jun 4, 2018· Updated Jun 17, 2026
CVE-2016-10673
CVE-2016-10673
Description
ipip-coffee queries geolocation information from IP ipip-coffee downloads geolocation resources over HTTP, which leaves it vulnerable to MITM attacks. This could impact the integrity and availability of the data being used to make geolocation decisions by an application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ipip-coffeenpm | <= 1.0.9 | — |
Affected products
2- HackerOne/ipip-coffee node modulev5Range: All versions
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-m8pw-h8qj-rgj9ghsaADVISORY
- nodesecurity.io/advisories/279nvdThird Party Advisory
- nvd.nist.gov/vuln/detail/CVE-2016-10673ghsaADVISORY
- www.npmjs.com/advisories/279ghsaWEB
News mentions
0No linked articles in our index yet.