The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability note 29394

Node.js destroyer-of-worlds: trojan package

Synthesis of the vulnerability

An attacker uses Node.js destroyer-of-worlds, to destroy system files and overload the server.
Vulnerable products: Nodejs Modules ~ not comprehensive.
Severity of this weakness: 2/4.
Consequences of a hack: data deletion, denial of service on server, denial of service on service.
Hacker's origin: document.
Creation date: 23/05/2019.
Références of this bulletin: NPM-890, VIGILANCE-VUL-29394.

Description of the vulnerability

An attacker uses Node.js destroyer-of-worlds, to destroy system files and overlo...
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a networks vulnerabilities alert. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.