Vulnerabilities/

node-browser downloads Resources over HTTP

Severity:: High

Description

Affected versions of node-browser insecurely downloads resources over HTTP.

In scenarios where an attacker has a privileged network position, they can modify or read such resources at will.

Recommendation

No fix is available yet. Followings are affected versions:

<= 0.0.3

References

Related Issues

Tags:: npm; node-browser

Anything's wrong? Let us know Last updated on September 08, 2023