Lucene search
Veracode Vulnerability DatabaseVERACODE:34717HistoryMar 17, 2022 - 3:31 a.m.
Malicious Package
2022-03-1703:31:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
0.008 Low
EPSS
Percentile
81.1%
node-ipc is a malicious package. The vulnerability exists because it contains or downloads malicious codes that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji.
References
github.com/advisories/GHSA-3mpp-xfvh-qh37
github.com/advisories/GHSA-8gr3-2gjw-jj7g
github.com/RIAEvangelist/node-ipc/blob/847047cf7f81ab08352038b2204f0e7633449580/dao/ssl-geospec.js
github.com/RIAEvangelist/node-ipc/commit/847047cf7f81ab08352038b2204f0e7633449580
github.com/RIAEvangelist/node-ipc/commit/b156ff40dd9eaa992edff0e8d092a6da0858da03
github.com/RIAEvangelist/node-ipc/issues/233
github.com/RIAEvangelist/node-ipc/issues/236
security.netapp.com/advisory/ntap-20220407-0005/
Related
prion
prion
Design/Logic Flaw
2022-03-16 16:15:00
thn
thn
osv
osv
Embedded Malicious Code in node-ipc
2022-03-16 23:54:32
nvd
nvd
CVE-2022-23812
2022-03-16 16:15:10
github
github
Embedded Malicious Code in node-ipc
2022-03-16 23:54:32
githubexploit
githubexploit
Exploit for Code Injection in Node-Ipic Project Node-Ipic
2022-03-17 16:49:22
f5
f5
K42801711 : node-ipc vulnerability CVE-2022-23812
2022-04-12 00:00:00
malwarebytes
malwarebytes
cvelist
cvelist
CVE-2022-23812 Malicious Package
2022-03-16 00:00:00
cve
cve
CVE-2022-23812
2022-03-16 16:15:10
threatpost
threatpost
Dev Sabotages Popular NPM Package to Protest Russian Invasion
2022-03-17 19:21:09