mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
19 lines
495 B
TOML
19 lines
495 B
TOML
[advisory]
|
|
id = "RUSTSEC-2016-0003"
|
|
package = "portaudio"
|
|
date = "2016-08-01"
|
|
title = "HTTP download and execution allows MitM RCE"
|
|
url = "https://github.com/RustAudio/rust-portaudio/issues/144"
|
|
keywords = ["ssl", "mitm"]
|
|
description = """
|
|
The build script in the portaudio crate will attempt to download via HTTP
|
|
the portaudio source and build it.
|
|
|
|
A Mallory in the middle can intercept the download with their own archive
|
|
and get RCE.
|
|
"""
|
|
aliases = ["CVE-2016-10933"]
|
|
|
|
[versions]
|
|
patched = []
|