GMS-2016-125: Downloads Resources over HTTP

December 21, 2016

jser-stat downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.

References

github.com/jser/stat-js/blob/master/data/url-mapping.js

Code Behaviors & Features

Detect and mitigate GMS-2016-125 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →