Количество 2
Количество 2
CVE-2016-10534
electron-packager is a command line tool that packages Electron source code into `.app` and `.exe` packages. along with Electron. The `--strict-ssl` command line option in electron-packager >= 5.2.1 <= 6.0.0 || >=6.0.0 <= 6.0.2 defaults to false if not explicitly set to true. This could allow an attacker to perform a man in the middle attack.
GHSA-q43m-ffwr-rpcc
SSL Validation Defaults to False in electron-packager
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-10534 electron-packager is a command line tool that packages Electron source code into `.app` and `.exe` packages. along with Electron. The `--strict-ssl` command line option in electron-packager >= 5.2.1 <= 6.0.0 || >=6.0.0 <= 6.0.2 defaults to false if not explicitly set to true. This could allow an attacker to perform a man in the middle attack. | CVSS3: 5.9 | 0% Низкий | больше 7 лет назад |
| GHSA-q43m-ffwr-rpcc SSL Validation Defaults to False in electron-packager | 0% Низкий | почти 7 лет назад |
Уязвимостей на страницу