Description
ikst versions before 1.1.2 download resources over HTTP, which leaves it vulnerable to MITM attacks.
Remediation
References
https://nodesecurity.io/advisories/249
Related Vulnerabilities
CVE-2021-21391 Vulnerability in npm package ckeditor5-engine
CVE-2017-3159 Vulnerability in maven package org.apache.camel:camel-snakeyaml
CVE-2021-3645 Vulnerability in npm package @viking04/merge
CVE-2022-0265 Vulnerability in maven package com.hazelcast:hazelcast
CVE-2023-47326 Vulnerability in maven package org.silverpeas.core:silverpeas-core