Description
bionode-sra is a Node.js wrapper for SRA Toolkit. bionode-sra downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.
Affected products
- HackerOne / bionode-sra node moduleAll versions – All versions
References
- VENDOR_ADVISORYhttps://nodesecurity.io/advisories/211