Lucene search

K

gruntcli is malware

🗓️ 09 Nov 2018 17:52:43Reported by GitHub Advisory DatabaseType 
github
 github
🔗 github.com👁 17 Views

Malicious 'gruntcli' package stealing environment variables and sending them to attacker controlled locations. All versions unpublished from npm registry. Recommendation for deletion, clearing npm cache, and regenerating sensitive credentials.

Show more
Related
Detection
Refs
ReporterTitlePublishedViews
Family
Prion
Code injection
7 Jun 201802:29
prion
NVD
CVE-2017-16058
7 Jun 201802:29
nvd
Cvelist
CVE-2017-16058
7 Jun 201802:00
cvelist
CVE
CVE-2017-16058
7 Jun 201802:29
cve
Node.js
Hijacked Environment Variables
8 Aug 201721:48
nodejs
OSV
gruntcli is malware
9 Nov 201817:43
osv
Veracode
Malicious Typo-Squatting
7 Jun 201805:52
veracode
OpenVAS
Malicious JavaScript Package Detection
12 Jun 201800:00
openvas
Vulners
Node

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
09 Nov 2018 17:43Current
7.3High risk
Vulners AI Score7.3
CVSS25
CVSS37.5
EPSS0.001
17
.json
Report