Description
install-g-test downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
Remediation
References
https://nodesecurity.io/advisories/228
Related Vulnerabilities
CVE-2019-17359 Vulnerability in maven package org.bouncycastle:bcprov-ext-jdk15on
CVE-2019-0225 Vulnerability in maven package org.apache.jspwiki:jspwiki-builder
CVE-2020-13445 Vulnerability in maven package com.liferay:com.liferay.portal.template.velocity
CVE-2021-46704 Vulnerability in npm package genieacs
CVE-2021-20293 Vulnerability in maven package org.jboss.resteasy:resteasy-core