Description
cobalt-cli downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
Remediation
References
https://nodesecurity.io/advisories/197
Related Vulnerabilities
CVE-2021-23337 Vulnerability in maven package org.fujion.webjars:lodash
CVE-2016-10608 Vulnerability in npm package robot-js
CVE-2022-39218 Vulnerability in npm package @fastly/js-compute
CVE-2021-28092 Vulnerability in npm package is-svg
CVE-2017-2599 Vulnerability in maven package org.jenkins-ci.main:jenkins-core