CVE-2016-10644

Name of the Vulnerable Software and Affected Versions slimerjs-edge versions (affected versions not specified)

Description The issue allows for a man-in-the-middle (MITM) attack due to the insecure download of binary resources over HTTP. This could potentially lead to remote code execution (RCE) if an attacker intercepts the download and replaces the binary with a malicious one. The attack is feasible if the attacker has a privileged network position.

Recommendations For all affected versions, consider avoiding the use of this package until a secure version is available. As a mitigation measure, avoid installing this package while connected to a public network to reduce the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.