CVE-2017-16074

Summary

crossenv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.

Affected Software

VendorProductVersion RangeStatus
HackerOnecrossenv node moduleAll versionsaffected

Weaknesses

  • CWE-506: Embedded Malicious Code (CWE-506)

ADP Enrichment

CVE Program Container

Additional References

References