VYPR

npm package

roslib-socketio

pkg:npm/roslib-socketio

Vulnerabilities (1)

  • CVE-2016-10681HigMay 29, 2018
    affected >= 0.0.0

    roslib-socketio - The standard ROS Javascript Library fork for add support to socket.io roslib-socketio downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resource