2 matches found
CVE-2017-16057
The CVE-2017-16057 entry concerns the nodemssql npm package, which is documented as malware that steals environment variables and exfiltrates them to attacker-controlled locations. All versions have been unpublished from the npm registry. Impact described in linked advisories includes credential ...
CVE-2017-16057
nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...