) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): npm
- Search Type: Search All
- CPE Name Search: false
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2017-16126 |
The module botbait is a tool to be used to track bot and automated tools usage with-in the npm ecosystem. botbait is known to record and track user information. The module tracks the following information. Source IP process.versions process.platform How the module was invoked (test, require, pre-install) Published: June 06, 2018; 10:29:03 PM -0400 |
V3.0: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
| CVE-2017-16081 |
cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16080 |
nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16079 |
smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16078 |
shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16077 |
mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16076 |
proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16075 |
http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16074 |
crossenv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16073 |
noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16072 |
nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16071 |
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16070 |
nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16069 |
nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16068 |
ffmepg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16067 |
node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16066 |
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16065 |
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16064 |
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-16063 |
node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. Published: June 06, 2018; 10:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |