Description
install-g-test downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
Remediation
References
https://nodesecurity.io/advisories/228
Related Vulnerabilities
CVE-2020-5258 Vulnerability in maven package org.webjars.bowergithub.dojo:dojo
CVE-2021-35516 Vulnerability in maven package org.apache.commons:commons-compress
CVE-2016-10744 Vulnerability in npm package select2
CVE-2017-15010 Vulnerability in npm package tough-cookie
CVE-2021-23353 Vulnerability in maven package org.webjars:jspdf