EUVD-2018-0727

Malware in sbrugna...

mssql-node is malware

The mssql-node package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this module is malware, if you find it installed in your environment, the real security conce...

Malicious JavaScript Package Detection

Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

CVE-2017-16059

mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

CVE-2017-16059

CVE-2017-16059 relates to the npm package mssql-node , identified as malware that steals environment variables and exfiltrates them to attacker-controlled locations. The linked advisories corroborate that all versions were unpublished from npm. The vulnerability’s concrete details in connected do...

CVE-2017-16059

mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

Hijacked Environment Variables

Overview The mssql-node package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this module is malware, if you find it installed in your environment, the real...