CVE-2016-10578

Publication date

2018-05-29 20:00:00

Family

hackerone

State

PUBLISHED

Description

unicode loads unicode data downloaded from unicode.org into nodejs. Unicode before 9.0.0 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks.