Количество 2
Количество 2
CVE-2025-59410
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the code in the scheduler for downloading a tiny file is hard coded to use the HTTP protocol, rather than HTTPS. This means that an attacker could perform a Man-in-the-Middle attack, changing the network request so that a different piece of data gets downloaded. This vulnerability is fixed in 2.1.0.
GHSA-mcvp-rpgg-9273
DragonFly's tiny file download uses hard coded HTTP protocol
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-59410 Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the code in the scheduler for downloading a tiny file is hard coded to use the HTTP protocol, rather than HTTPS. This means that an attacker could perform a Man-in-the-Middle attack, changing the network request so that a different piece of data gets downloaded. This vulnerability is fixed in 2.1.0. | CVSS3: 3.7 | 0% Низкий | 5 месяцев назад |
| GHSA-mcvp-rpgg-9273 DragonFly's tiny file download uses hard coded HTTP protocol | CVSS3: 3.7 | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу