CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-10568

geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country before 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.2%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.8

References

Products affected by CVE-2016-10568

Geoip-Lite-Country Project » Geoip-Lite-Country » Version: 1.0.7

cpe:2.3:a:geoip-lite-country_project:geoip-lite-country:1.0.7
Geoip-Lite-Country Project » Geoip-Lite-Country » Version: 1.0.8

cpe:2.3:a:geoip-lite-country_project:geoip-lite-country:1.0.8
Geoip-Lite-Country Project » Geoip-Lite-Country » Version: 1.0.9

cpe:2.3:a:geoip-lite-country_project:geoip-lite-country:1.0.9
Geoip-Lite-Country Project » Geoip-Lite-Country » Version: 1.1.0

cpe:2.3:a:geoip-lite-country_project:geoip-lite-country:1.1.0
Geoip-Lite-Country Project » Geoip-Lite-Country » Version: 1.1.1

cpe:2.3:a:geoip-lite-country_project:geoip-lite-country:1.1.1
Geoip-Lite-Country Project » Geoip-Lite-Country » Version: 1.1.3

cpe:2.3:a:geoip-lite-country_project:geoip-lite-country:1.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-10568

Products

Pricing

Contact Us