4777 matches found
Design/Logic Flaw
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16065
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16060
babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Denial of service
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16066
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16071
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16073
noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
Code injection
smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16066
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16063
node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16077
mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16076
CVE-2017-16076 refers to the npm package proxy.js, described as malware that hijacks environment variables. The connected advisories confirm that proxy.js was published to steal env vars and that all versions were unpublished from the npm registry. Exploitation details are not provided in the doc...