CVE-2016-10635

Name of the Vulnerable Software and Affected Versions broccoli-closure versions prior to 1.3.1

Description The issue concerns the insecure download of binary resources over HTTP, making it susceptible to man-in-the-middle (MITM) attacks. An attacker with a privileged network position could intercept the response and replace the executable with a malicious one, potentially leading to remote code execution (RCE) on the system running the affected software.

Recommendations Update to version 1.3.1 or later.