Description
install-g-test downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
Remediation
References
https://nodesecurity.io/advisories/228
Related Vulnerabilities
CVE-2020-24750 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2013-1965 Vulnerability in maven package org.apache.struts:struts-core
CVE-2014-9635 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2022-25167 Vulnerability in maven package org.apache.flume.flume-ng-sources:flume-jms-source
CVE-2018-6874 Vulnerability in maven package org.webjars.bower:auth0-lock