GHSA-p32g-242c-76h3

Source

https://github.com/advisories/GHSA-p32g-242c-76h3

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/09/GHSA-p32g-242c-76h3/GHSA-p32g-242c-76h3.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-p32g-242c-76h3

Published

2020-09-11T21:14:49Z

Modified

2023-07-27T00:09:19Z

Summary

Malicious Package in geoheat

Details

Version 1.3.2 of geoheat contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=

Recommendation

Remove the package from your environment and evaluate your application to determine whether or not user data was compromised.

Users may consider downgrading to version 1.3.1

Database specific

{
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:40:59Z",
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "CRITICAL"
}

References

https://www.npmjs.com/advisories/932

Affected packages

npm / geoheat

Package

Name: geoheat; View open source insights on deps.dev
Purl: pkg:npm/geoheat

Affected ranges

Affected versions

1.*

1.3.2