4 matches found
GHSA-9FG5-F5PJ-RWCC gruntcli is malware
The gruntcli package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concer...
Malicious JavaScript Package Detection
Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
CVE-2017-16058
gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16058
CVE-2017-16058 corresponds to the npm package gruntcli, which was a malicious module designed to hijack environment variables. Multiple connected sources confirm that gruntcli behaved as malware, stealing environment variables and transmitting them to attacker-controlled locations; all versions h...