Description
ikst versions before 1.1.2 download resources over HTTP, which leaves it vulnerable to MITM attacks.
Remediation
References
https://nodesecurity.io/advisories/249
Related Vulnerabilities
CVE-2021-28918 Vulnerability in npm package netmask
CVE-2020-6426 Vulnerability in maven package org.webjars.npm:electron
CVE-2022-0764 Vulnerability in npm package strapi
CVE-2020-15252 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2023-30528 Vulnerability in maven package org.jenkins-ci.plugins:wso2id-oauth