SB2019120301 - Multiple malicious nmp packages (backdoors)
Published: December 3, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 71 secuirty vulnerabilities.
1) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
2) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
3) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
4) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
5) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
6) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
7) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
8) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
9) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
10) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
11) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
12) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
13) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
14) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
15) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
16) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
17) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
18) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
19) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
20) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
21) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
22) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
23) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
24) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
25) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
26) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
27) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
28) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
29) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
30) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
31) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
32) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
33) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
34) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
35) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
36) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
37) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
38) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
39) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
40) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
41) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
42) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
43) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
44) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
45) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
46) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
47) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
48) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
49) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
50) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
51) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
52) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
53) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
54) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
55) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
56) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
57) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
58) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
59) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
60) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
61) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
62) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
63) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
64) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
65) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
66) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
67) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
68) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
69) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
70) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
71) Embedded malicious code (backdoor) (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- https://www.npmjs.com/advisories/1348
- https://www.npmjs.com/advisories/1369
- https://www.npmjs.com/advisories/1367
- https://www.npmjs.com/advisories/1372
- https://www.npmjs.com/advisories/1373
- https://www.npmjs.com/advisories/1371
- https://www.npmjs.com/advisories/1370
- https://www.npmjs.com/advisories/1374
- https://www.npmjs.com/advisories/1376
- https://www.npmjs.com/advisories/1375
- https://www.npmjs.com/advisories/1377
- https://www.npmjs.com/advisories/1378
- https://www.npmjs.com/advisories/1379
- https://www.npmjs.com/advisories/1382
- https://www.npmjs.com/advisories/1380
- https://www.npmjs.com/advisories/1381
- https://www.npmjs.com/advisories/1386
- https://www.npmjs.com/advisories/1383
- https://www.npmjs.com/advisories/1385
- https://www.npmjs.com/advisories/1384
- https://www.npmjs.com/advisories/1388
- https://www.npmjs.com/advisories/1389
- https://www.npmjs.com/advisories/1387
- https://www.npmjs.com/advisories/1391
- https://www.npmjs.com/advisories/1390
- https://www.npmjs.com/advisories/1394
- https://www.npmjs.com/advisories/1393
- https://www.npmjs.com/advisories/1392
- https://www.npmjs.com/advisories/1396
- https://www.npmjs.com/advisories/1397
- https://www.npmjs.com/advisories/1395
- https://www.npmjs.com/advisories/1400
- https://www.npmjs.com/advisories/1398
- https://www.npmjs.com/advisories/1399
- https://www.npmjs.com/advisories/1401
- https://www.npmjs.com/advisories/1404
- https://www.npmjs.com/advisories/1403
- https://www.npmjs.com/advisories/1402
- https://www.npmjs.com/advisories/1407
- https://www.npmjs.com/advisories/1406
- https://www.npmjs.com/advisories/1405
- https://www.npmjs.com/advisories/1408
- https://www.npmjs.com/advisories/1410
- https://www.npmjs.com/advisories/1409
- https://www.npmjs.com/advisories/1413
- https://www.npmjs.com/advisories/1412
- https://www.npmjs.com/advisories/1411
- https://www.npmjs.com/advisories/1414
- https://www.npmjs.com/advisories/1415
- https://www.npmjs.com/advisories/1416
- https://www.npmjs.com/advisories/1417
- https://www.npmjs.com/advisories/1349
- https://www.npmjs.com/advisories/1350
- https://www.npmjs.com/advisories/1351
- https://www.npmjs.com/advisories/1352
- https://www.npmjs.com/advisories/1353
- https://www.npmjs.com/advisories/1354
- https://www.npmjs.com/advisories/1355
- https://www.npmjs.com/advisories/1356
- https://www.npmjs.com/advisories/1357
- https://www.npmjs.com/advisories/1358
- https://www.npmjs.com/advisories/1359
- https://www.npmjs.com/advisories/1360
- https://www.npmjs.com/advisories/1362
- https://www.npmjs.com/advisories/1363
- https://www.npmjs.com/advisories/1364
- https://www.npmjs.com/advisories/1365
- https://www.npmjs.com/advisories/1366
- https://www.npmjs.com/advisories/1368
- https://www.npmjs.com/advisories/1344