CVE-2016-10568

Name of the Vulnerable Software and Affected Versions geoip-lite-country versions prior to 1.1.4

Description The issue concerns the insecure download of data resources over HTTP, making it susceptible to man-in-the-middle (MITM) attacks. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. The impact of this issue can range from being able to read sensitive information to remote code execution, depending on the package's behavior.

Recommendations Update to version 1.1.4 or later.