CVE-2016-10613

Name of the Vulnerable Software and Affected Versions bionode-sra versions (affected versions not specified)

Description The issue concerns the insecure download of resources over HTTP, making it susceptible to man-in-the-middle (MITM) attacks. In scenarios where an attacker has a privileged network position, they can modify or read resources at will. The impact severity varies and can range from reading sensitive information to remote code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider avoiding the use of this package and use a different package if available. Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network.