2 matches found
CVE-2017-16065
CVE-2017-16065 corresponds to the npm malware incident involving the package named openssl.js, which was published to hijack environment variables and exfiltrate them to attacker-controlled locations. The linked records confirm that the package has been unpublished from the npm registry and that ...
CVE-2017-16065
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...