VYPR
High severityNVD Advisory· Published Mar 21, 2020· Updated Aug 4, 2024

CVE-2020-10800

CVE-2020-10800

Description

lix through 15.8.7 allows man-in-the-middle attackers to execute arbitrary code by modifying the HTTP client-server data stream so that the Location header is associated with attacker-controlled executable content in the postDownload field.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
lixnpm
<= 15.11.4

Affected products

2
  • lix/lixdescription
  • ghsa-coords
    Range: <= 15.11.4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.