CVE-2017-16081

Summary

cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.

Affected Software

VendorProductVersion RangeStatus
HackerOnecross-env.js node moduleAll versionsaffected

Weaknesses

  • CWE-506: Embedded Malicious Code (CWE-506)

ADP Enrichment

CVE Program Container

Additional References

References