5 matches found
node-opensl is malware
The node-opensl package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...
Malicious JavaScript Package Detection
Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
Code injection
node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16063
The CVE-2017-16063 issue corresponds to the node-opensl malware. The affected component is the node-opensl package, which was published to hijack environment variables and exfiltrate them to attacker-controlled locations. All versions have been unpublished from the npm registry. The primary root ...
CVE-2017-16063
node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...