VYPR

npm package

strider-sauce

pkg:npm/strider-sauce

Vulnerabilities (1)

  • CVE-2016-10611HigMay 29, 2018
    affected <= 0.6.2

    strider-sauce is Sauce Labs / Selenium support for Strider. strider-sauce downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested zip file with an attacker controlled z