Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Malicious npm package detection
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Several npm packages were of malicious nature. npm has since removed them from their registry, but the packages could still be installed on a host.
Affected Software
Affected Software
Following packages are affected: - npm-script-demo - pandora-doomsday - botbait - d3.js - jquery.js - mariadb - mysqljs - node-sqlite - nodesqlite - sqlite.js - sqliter - node-fabric - fabric-js - nodefabric - sqlserver - mssql.js - nodemssql - gruntcli - mssql-node - babelcli - tkinter - node-tkinter - node-opensl - node-openssl - openssl.js - opencv.js - node-opencv - ffmepg - nodeffmpeg - nodecaffe - nodemailer-js - nodemailer.js - noderequest - crossenv - http-proxy.js - proxy.js - mongose - shadowsock - smb - nodesass - cross-env.js - cofee-script, cofeescript, coffescript, coffe-script - jquey - discordi.js - hooka-tools - getcookies - nothing-js - ladder-text-js - boogeyman - flatmap-stream
Detection Method
Detection Method
Checks if a malicious npm package is present on the target host.
Solution
Solution
- Delete the package - Clear your npm cache - Ensure it is not present in any other package.json files on your system - Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been present in your environment variables.
Common Vulnerabilities and Exposures (CVE)
- CVE-2017-16044
- CVE-2017-16045
- CVE-2017-16046
- CVE-2017-16047
- CVE-2017-16048
- CVE-2017-16049
- CVE-2017-16050
- CVE-2017-16051
- CVE-2017-16052
- CVE-2017-16053
- CVE-2017-16054
- CVE-2017-16055
- CVE-2017-16056
- CVE-2017-16057
- CVE-2017-16058
- CVE-2017-16059
- CVE-2017-16060
- CVE-2017-16061
- CVE-2017-16062
- CVE-2017-16063
- CVE-2017-16064
- CVE-2017-16065
- CVE-2017-16066
- CVE-2017-16067
- CVE-2017-16068
- CVE-2017-16069
- CVE-2017-16070
- CVE-2017-16071
- CVE-2017-16072
- CVE-2017-16073
- CVE-2017-16074
- CVE-2017-16075
- CVE-2017-16076
- CVE-2017-16077
- CVE-2017-16078
- CVE-2017-16079
- CVE-2017-16080
- CVE-2017-16081
- CVE-2017-16202
- CVE-2017-16203
- CVE-2017-16204
- CVE-2017-16205
- CVE-2017-16206
- CVE-2017-16207
References
- https://www.npmjs.com/advisories/480
- https://www.npmjs.com/advisories/481
- https://www.npmjs.com/advisories/482
- https://www.npmjs.com/advisories/483
- https://www.npmjs.com/advisories/484
- https://www.npmjs.com/advisories/485
- https://www.npmjs.com/advisories/486
- https://www.npmjs.com/advisories/487
- https://www.npmjs.com/advisories/488
- https://www.npmjs.com/advisories/489
- https://www.npmjs.com/advisories/490
- https://www.npmjs.com/advisories/491
- https://www.npmjs.com/advisories/492
- https://www.npmjs.com/advisories/493
- https://www.npmjs.com/advisories/494
- https://www.npmjs.com/advisories/495
- https://www.npmjs.com/advisories/496
- https://www.npmjs.com/advisories/497
- https://www.npmjs.com/advisories/498
- https://www.npmjs.com/advisories/499
- https://www.npmjs.com/advisories/500
- https://www.npmjs.com/advisories/501
- https://www.npmjs.com/advisories/502
- https://www.npmjs.com/advisories/503
- https://www.npmjs.com/advisories/504
- https://www.npmjs.com/advisories/505
- https://www.npmjs.com/advisories/506
- https://www.npmjs.com/advisories/507
- https://www.npmjs.com/advisories/508
- https://www.npmjs.com/advisories/509
- https://www.npmjs.com/advisories/510
- https://www.npmjs.com/advisories/511
- https://www.npmjs.com/advisories/512
- https://www.npmjs.com/advisories/513
- https://www.npmjs.com/advisories/514
- https://www.npmjs.com/advisories/515
- https://www.npmjs.com/advisories/516
- https://www.npmjs.com/advisories/517
- https://www.npmjs.com/advisories/518
- https://www.npmjs.com/advisories/519
- https://www.npmjs.com/advisories/520
- https://www.npmjs.com/advisories/540
- https://www.npmjs.com/advisories/541
- https://www.npmjs.com/advisories/542
- https://www.npmjs.com/advisories/543
- https://www.npmjs.com/advisories/544
- https://www.npmjs.com/advisories/545
- https://www.npmjs.com/advisories/549
- https://www.npmjs.com/advisories/649
- https://www.npmjs.com/advisories/650
- https://www.npmjs.com/advisories/651
- https://www.npmjs.com/advisories/677
- https://www.npmjs.com/advisories/737