GHSA-wpfc-3w63-g4hm

Source

https://github.com/advisories/GHSA-wpfc-3w63-g4hm

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/09/GHSA-wpfc-3w63-g4hm/GHSA-wpfc-3w63-g4hm.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-wpfc-3w63-g4hm

Published

2020-09-01T21:09:48Z

Modified

2021-10-01T13:28:35Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Malicious Package in axois

Details

All versions of axois are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands.

Recommendation

This package was published to the npm Registry for a very short period of time. If you happen to find it in your environment you should revoke and rotate all credentials found on the compromised machine, as well as completely erase the affected machine and reinstall your Operating System.

Database specific

{
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:32:38Z",
    "nvd_published_at": null,
    "severity": "CRITICAL",
    "cwe_ids": [
        "CWE-506"
    ]
}

References

https://www.npmjs.com/advisories/683

Affected packages

npm / axois

Package

Name: axois; View open source insights on deps.dev
Purl: pkg:npm/axois

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/09/GHSA-wpfc-3w63-g4hm/GHSA-wpfc-3w63-g4hm.json"