CVE-2016-10680

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-10680
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10680.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-10680
Aliases
Published
2018-05-29T20:29:01Z
Modified
2024-09-03T01:04:57.942074Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an application using this data.

References

Affected packages

Git / github.com/bluesmoon/node-geoip

Affected ranges

Type
GIT
Repo
https://github.com/bluesmoon/node-geoip
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

v1.*

v1.0.7
v1.0.8
v1.0.9
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v1.1.9
v1.2.0