CVE-2016-10570

Name of the Vulnerable Software and Affected Versions pngcrush-installer versions prior to 1.8.10

Description The issue concerns the insecure download of binary resources over HTTP, making it susceptible to man-in-the-middle (MITM) attacks. If an attacker is positioned on the network or between the user and the remote server, they may be able to swap the requested binary with an attacker-controlled binary, potentially leading to remote code execution (RCE).

Recommendations Update to version 1.8.10 or later.