Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The hubl-server module is a wrapper for the HubL Development Server. During installation hubl-server downloads a set of dependencies from api.hubapi.com. It appears in the code that these files are downloaded over HTTPS however the api.hubapi.com endpoint redirects to a HTTP url. Because of this behavior an attacker with the ability to man-in-the-middle a developer or system performing a package installation could compromise the integrity of the installation.
CVSS Information
N/A
Vulnerability Type
敏感数据加密缺失
Vulnerability Title
hubl-server模块安全漏洞
Vulnerability Description
hubl-server module是一个用于安装hudl服务器的模块。 hubl-server模块中存在安全漏洞,该漏洞源于程序使用HTTP协议下载资源。攻击者可利用该漏洞在系统上执行代码。
CVSS Information
N/A
Vulnerability Type
N/A