MidnightBSD

Advisories for geoip-lite-country_project

CVE-2016-10568 MEDIUM

geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country before 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,CWE-310,

Products Affected

Vendor Product Version
geoip-lite-country_project geoip-lite-country *