CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OpenVAS•added 2018/06/12 12:0 a.m.•72 views

Malicious JavaScript Package Detection

Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

10CVSS7.3AI score0.17051EPSS

Exploits4References101

NVD•added 2018/06/07 2:29 a.m.•10 views

CVE-2017-16060

babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

7.5CVSS7.5AI score0.00257EPSS

Exploits0References1

Prion•added 2018/06/07 2:29 a.m.•11 views

Code injection

babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

5CVSS7.4AI score0.00257EPSS

Exploits0References1

CVE•added 2018/06/07 2:0 a.m.•48 views

CVE-2017-16060

CVE-2017-16060 describes the npm package babelcli, a malware package designed to hijack environment variables. The connected documents confirm that babelcli steals environment variables and exfiltrates them to attacker-controlled locations, and that all versions were unpublished from the npm regi...

7.5CVSS7.4AI score0.00257EPSS

Exploits0References1Affected Software1