1337qq-js@0.0.1-security vulnerabilities

security holding package

  • latest version

    0.0.1-security

  • first published

    4 years ago

  • latest version published

    4 years ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the 1337qq-js package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Malicious 󠅮󠅰󠅭Package

    1337qq-js is a malicious package. All versions of 1337qq-js contain malicious code. The package exfiltrates sensitive information through install scripts. It targets UNIX systems. The information exfiltrated includes:

    • Environment variables
    • Running processes
    • /etc/hosts
    • uname -a
    • npmrc file

    How to fix Malicious 󠅮󠅰󠅭Package?

    Avoid using all malicious instances of the 1337qq-js package.

    >=0.0.0