High severityNVD Advisory· Published Mar 21, 2020· Updated Aug 4, 2024
CVE-2020-10800
CVE-2020-10800
Description
lix through 15.8.7 allows man-in-the-middle attackers to execute arbitrary code by modifying the HTTP client-server data stream so that the Location header is associated with attacker-controlled executable content in the postDownload field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
lixnpm | <= 15.11.4 | — |
Affected products
2- lix/lixdescription
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-q8xg-8xwf-m598ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-10800ghsaADVISORY
- www.npmjs.com/advisories/1306ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.