Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
14 Jan 2020
13 Jan 2020
Microsoft Vulnerability Research
Introduced: 13 Jan 2020Malicious CWE-506 Open this link in a new tab
How to fix?
1337qq-js is a malicious package.
All versions of
1337qq-js contain malicious code. The package exfiltrates sensitive information through install scripts. It targets UNIX systems. The information exfiltrated includes:
- Environment variables
- Running processes