3 matches found
CVE-2017-16202
The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation...
CVE-2017-16202
CVE-2017-16202 corresponds to the cofeescript npm package, which is malware. The provided data confirm that the package exfiltrates sensitive data (notably private SSH keys and bash history) to attacker-controlled locations during installation. All versions have been unpublished from npm. The ris...
CVE-2017-16202
The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation...