CVE-2017-16071

nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

CVE-2017-16056

mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

CVE-2017-16057

The CVE-2017-16057 entry concerns the nodemssql npm package, which is documented as malware that steals environment variables and exfiltrates them to attacker-controlled locations. All versions have been unpublished from the npm registry. Impact described in linked advisories includes credential ...

CVE-2017-16074

The CVE-2017-16074 entry concerns the npm package crossenv, which is described in connected documents as malware that hijacks environment variables and exfiltrates them to attacker-controlled locations. All versions have been unpublished from npm. Public advisories (GitHub GHSA and npm advisory) ...

CVE-2017-16058

CVE-2017-16058 corresponds to the npm package gruntcli, which was a malicious module designed to hijack environment variables. Multiple connected sources confirm that gruntcli behaved as malware, stealing environment variables and transmitting them to attacker-controlled locations; all versions h...

CVE-2017-16063

The CVE-2017-16063 issue corresponds to the node-opensl malware. The affected component is the node-opensl package, which was published to hijack environment variables and exfiltrate them to attacker-controlled locations. All versions have been unpublished from the npm registry. The primary root ...

CVE-2017-16059

CVE-2017-16059 relates to the npm package mssql-node , identified as malware that steals environment variables and exfiltrates them to attacker-controlled locations. The linked advisories corroborate that all versions were unpublished from npm. The vulnerability’s concrete details in connected do...

CVE-2017-16080

CVE-2017-16080 relates to the npm package nodesass, identified as malware that steals environment variables and exfiltrates them to attacker-controlled locations. The npm registry has unpublished all versions of this package, mitigating ongoing use. Connected advisories (GHSA-xfmw-2vmm-579c, npm ...

CVE-2017-16078

CVE-2017-16078 concerns the npm package shadow sock—described in connected advisories as a malware that steals environment variables and exfiltrates to attacker-controlled endpoints. The npm advisory and GitHub/OSV entries confirm it has been unpublished from the npm registry; all versions are re...

CVE-2017-16077

CVE-2017-16077 concerns the npm package named mongose, described across multiple sources as malware that steals environment variables and exfiltrates them to attacker-controlled locations. The package was unpublished from the npm registry, and advisories emphasize removal from affected environmen...

CVE-2017-16056

CVE-2017-16056 refers to the npm package mssql.js , reported as a malicious module designed to hijack environment variables. The available connected sources confirm that this package steals credentials from environment variables and exfiltrates them to attacker-controlled locations, and that all ...

CVE-2017-16079

CVE-2017-16079 corresponds to the npm malware package described as the public smb package; it hijacked environment variables and exfiltrated them to attacker-controlled locations. All versions were unpublished from the npm registry. Connected records (GhSA/NVD/Veracode/OpenVAS) confirm the malwar...

CVE-2017-16078

shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

CVE-2017-16069

nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

CVE-2017-16080

nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

CVE-2017-16072

CVE-2017-16072 concerns the nodemailer.js package, which is identified as malware that steals environment variables. The npm package was published with malicious intent and has since been unpublished from the npm registry. Connected advisories and records describe the malware behavior and recomme...

CVE-2017-16071

CVE-2017-16071 concerns the npm package nodemailer-js , described as malware that hijacks environment variables and exfiltrates them to attacker-controlled locations. All versions were unpublished from the npm registry. Connected advisories corroborate malware behavior and provide remediation gui...

CVE-2017-16076

CVE-2017-16076 refers to the npm package proxy.js, described as malware that hijacks environment variables. The connected advisories confirm that proxy.js was published to steal env vars and that all versions were unpublished from the npm registry. Exploitation details are not provided in the doc...

CVE-2017-16065

CVE-2017-16065 corresponds to the npm malware incident involving the package named openssl.js, which was published to hijack environment variables and exfiltrate them to attacker-controlled locations. The linked records confirm that the package has been unpublished from the npm registry and that ...

CVE-2017-16075

CVE-2017-16075 corresponds to the http-proxy.js package that was published as malware with the intent to hijack environment variables and exfiltrate them to attacker-controlled locations. The npm advisory and related records note that all versions were unpublished from the npm registry. Connected...