Description
node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
Remediation
References
https://nodesecurity.io/advisories/234
Related Vulnerabilities
CVE-2021-43980 Vulnerability in maven package org.apache.tomcat:tomcat
CVE-2019-10301 Vulnerability in maven package org.jenkins-ci.plugins:gitlab-plugin
CVE-2022-22984 Vulnerability in npm package @snyk/snyk-hex-plugin
CVE-2017-11341 Vulnerability in maven package org.webjars.npm:node-sass
CVE-2014-7810 Vulnerability in maven package org.apache.tomcat:el-api