Malicious Package
Overview Version 3.5.0 of blubird contains malicious code. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. Upon require, the package attempts to start a cryptocurrency miner using coin-hive. Recommendation Remove the package...
Malicious Package
Overview Version 1.2.2 of font-scrubber contains malicious code as a postinstall script. The package attempts to upload sensitive files from the system to a remote server. The files include configuration files, command history logs, SSH keys and /etc/passwd. Recommendation Any computer that has...
@operational/scripts (>=1.3.0-2-g9aed93d <=1.3.0-3-gbb9247d), byu-jwt (=1.0.3) +14 more potentially affected by unknown CVE via pem (>=0.2.1 <=1.12.7)
pem NPM version =0.2.1, =1.3.0-2-g9aed93d, =0.3.0, =7.2.3, =6.0.0, =0.1.0, =0.0.4, =1.34.0, =8.0.4, =5.0.0, =6.0.0, =7.3.0 - happner-tests =0.0.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-PGCR-7WM4-MCV6...
Malicious Package
Overview Version 0.1.8 of kraken-api contains malicious code as a postinstall script. When installed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation Any computer that has this package installed or running should be considered fully compromised...
Malicious Package
Overview Version 1.0.0 of rimrafall contains malicious code as a preinstall script. The package attempts to remove all files in the system's root folder. Recommendation If you installed this package it is likely your machine was erased. If not, remove the package from your system and verify if an...
Malicious Package
Overview All versions of tensorplow contain malicious code as a preinstall script. When installed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation Any computer that has this package installed or running should be considered fully compromised. A...
Malicious Package
Overview Version 3.3.1 of jqeury contains malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opens a...
Malicious Package
Overview All versions of hulp contain malicious code as a preinstall script. When installed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation Any computer that has this package installed or running should be considered fully compromised. All...
Malicious Package
Overview Version 1.5.3 of colour-string contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secret...
Malicious Package
Overview Version 1.8.4 of bowee contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and ke...
Cross-Site Scripting
Overview Versions of ag-grid-community prior to 14.0.0 are vulnerable to Cross-Site Scripting (XSS). Grid contents are not properly sanitized and may allow attackers to execute arbitrary JavaScript if user input is rendered in the grid. Recommendation Upgrade to version 14.0.0 or later. References -...
Path Traversal
Overview Versions of algo-httpserv prior to 1.1.2 are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths. Recommendation Upgrade to version 1.1.2 or later. References GitHub Advisory...
Sandbox Breakout / Arbitrary Code Execution
Overview All versions of value-censorship are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to validate async function constructors allowing attackers to execute arbitrary code. Recommendation No fix is currently available. Consider using an alternative package...
Malicious Package
Overview The package donotinstallthis contained malicious code. The package contained a script that was run as part of the install script. The script contacted a remote service tracking how many installations were done. There is no further compromise. Recommendation Remove the package from your...
Malicious Package
Overview All versions of rqeuest typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...
Malicious Package
Overview All versions of requets typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...
Malicious Package
Overview All versions of reqquest typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...
Malicious Package
Overview All versions of requuest typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...
Malicious Package
Overview All versions of chak typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...