VYPR

npm package

marionette-socket-host

pkg:npm/marionette-socket-host

Vulnerabilities (1)

  • CVE-2016-10648HigJun 4, 2018
    affected <= 0.1.1

    marionette-socket-host is a marionette-js-runner host for sending actions over a socket. marionette-socket-host downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested