VYPR

npm package

pm2-kafka

pkg:npm/pm2-kafka

Vulnerabilities (1)

  • CVE-2016-10693HigJun 4, 2018
    affected >= 0.0.0

    pm2-kafka is a PM2 module that installs and runs a kafka server pm2-kafka downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled