Lucene search
Veracode Vulnerability DatabaseVERACODE:6562HistoryJun 05, 2018 - 6:54 a.m.
Malicious Typo-Squatting
2018-06-0506:54:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.002
Percentile
53.8%
mariadb is a malicious typo-squatted package. The package uses a similar name to another library so that developers may mistake it for a legitimate package but executes malicious actions under the hood such as stealing environment variables on installation.
Related
cvelist
cvelist
CVE-2017-16046
2018-06-04 19:00:00
nodejs
nodejs
Hijacked Environment Variables
2017-08-08 21:43:45
cve
cve
CVE-2017-16046
2018-06-04 19:29:02
prion
prion
Code injection
2018-06-04 19:29:00
github
github
Withdrawn Advisory: mariadb was malware
2018-07-18 18:28:17
osv
osv
mariadb is malware
2018-07-18 18:28:17
cbl_mariner
cbl_mariner
CVE-2017-16046 affecting package mariadb 10.3.17-3
2021-05-06 23:57:26
nvd
nvd
CVE-2017-16046
2018-06-04 19:29:02
openvas
openvas
Malicious JavaScript Package Detection
2018-06-12 00:00:00