EUVD-2018-0288

Malware in sbrugna...

GHSA-JP27-CWP2-5QQR jquery.js is malware

The jquery.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security conce...

mapdemotest1 (=0.0.1), websocketsli (=1.0.0) potentially affected by CVE-2017-16045 via jquery.js (=0.0.2-security)

jquery.js NPM version =0.0.2-security is affected by a known vulnerability. The following packages have a transitive dependency on jquery.js and may be impacted: - mapdemotest1 =0.0.1 - websocketsli =1.0.0 Source cves: CVE-2017-16045 Source advisory: OSV:GHSA-JP27-CWP2-5QQR...

jquery.js is malware

The jquery.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security conce...

Malicious JavaScript Package Detection

Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

CVE-2017-16045

jquery.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

CVE-2017-16045

CVE-2017-16045 corresponds to a malicious npm package named jquery.js that hijacks environment variables. The malware was published as a package and later unpublished from the npm registry; it targets any environment where the package is installed, exfiltrating sensitive values to attacker-contro...