GHSA-cxm3-wv7p-598c nx

Package

Manager: npm
Name: nx
Vulnerable Version: =21.5.0 || =20.9.0 || =20.10.0 || =21.6.0 || =20.11.0 || =21.7.0 || =21.8.0 || =20.12.0

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: N/A (percentile: N/A)

Details

Malicious versions of Nx were published

## Summary

Malicious versions of the [`nx` package](https://www.npmjs.com/package/nx), as well as some supporting plugin packages, were published to npm, containing code that scans the file system, collects credentials, and posts them to GitHub as a repo under the user's account.

## Immediate Actions Required

### For all users, check if you were impacted

1. Check your account's audit logs (https://github.com/settings/security-log?q=action%3Arepo.create) to see if a repo containing `s1ngularity-repository` in the name was published to your GitHub account. If so, your credentials were likely compromised. Unfortunately, GitHub may have proactively deleted the repo for you. To be safe, rotate any credentials such as GitHub, npm, and anything that may have been in your environment variables.
2. Check your local machine to see if there is a file at `/tmp/inventory.txt`. This file contains a list of files which the malware probably read from. If this file exists, you have been affected.
3. Check https://github.com/[GithubSlug]?tab=repositories&q=s1ngularity-repository to see if a repo containing `s1ngularity-repository` remains on your GitHub account. If you do not have the repository available to you anymore, reach out to GitHub support and they can provide you the contents of the repository.
4. Download the file in the repo for your own records.
5. Then, remove the repo from GitHub.
6. E-mail security@nrwl.io and we will instruct you on how to decode the file so you are aware of what information was leaked.
7. Rotate your credentials and tokens on all of your accounts.

#### Rotate your GitHub token

In order to rotate your GitHub token, follow these steps:

1. Visit https://github.com/settings/connections/applications/178c6fc778ccc68e1d6a. This is the setting for the GitHub app used by the `gh` CLI to authenticate itself.
2. Revoke access to that app. This will invalidate the OLD token which may have been compromised.
3. The next time you run the `gh` CLI, you will reauth and a NEW token will be generated.

**If you do not do this**, your GitHub access token may be used for malicious activity on your GitHub account. Rotate all of your tokens; this is a specific instruction for GitHub to make it as easy as possible.

### For all users, stop using the malicious versions

```bash
# Check if the version of nx you are using was a malicious version
npm ls nx

# If using affected versions, update immediately:
npm uninstall nx && npm install nx@latest

# Clear caches for any package manager
yarn cache clean --all
pnpm store prune --force
npm cache clean --force

# Remove cache directories
# Windows
%LocalAppData%/npm-cache/_npx
# Unix
~/.npm/_npx
# Outputs of
yarn cache dir
pnpm store path
```

### For users who were compromised

Refer to the section above to see if you were compromised. If so, do the following.

- **Rotate npm tokens:** Visit https://www.npmjs.com/ and rotate your tokens.
- **Rotate GitHub tokens:** Visit https://www.github.com/ and rotate your tokens.
- **Change GitHub credentials:** Change your passwords for GitHub.
- **Change your passwords** for any other services you use.
- **Check your `.zshrc` and `.bashrc` files** for any unfamiliar lines and remove them.

### Purge Malicious Versions from Internal Registries

For maintainers of internal registries: immediately remove the compromised versions listed above from your internal package registries (e.g., JFrog Artifactory, Sonatype Nexus) or any other proxies to [npmjs.org](http://npmjs.org/). This will prevent further internal downloads of the malicious code.

## Affected Versions of `nx`

- 21.5.0 - Published at 6:32 PM
- 20.9.0
- 20.10.0
- 21.6.0
- 20.11.0
- 21.7.0
- 21.8.0
- 20.12.0 - Published at 8:37 PM

These versions have since been removed from NPM as of 10:44 PM EDT.

## Affected Versions of `@nx/devkit`, `@nx/js`, `@nx/workspace`, `@nx/node`

- 21.5.0 - Published at 6:32 PM
- 20.9.0 - Published at 8:42 PM

## Affected Versions of `@nx/eslint`

- 21.5.0 - Published at 6:32 PM

These versions have since been removed from NPM as of 10:44 PM EDT.

## Affected Versions of `@nx/key` and `@nx/enterprise-cloud`

- 3.2.0 only - Published at 6:32 PM

These versions have since been removed from NPM as of 6:20 AM EDT.

## Attack Vector

### Vulnerable Workflow

The root cause was the introduction of a vulnerable [workflow](https://github.com/nrwl/nx/pull/32458) which contained the possibility of injecting executable code. The vulnerable workflow was reverted in `master` almost immediately after the team learned it could be abused. However, this proved to be inadequate to address the vulnerability. The workflow contained two issues.

#### Bash Injection

```yaml
- name: Validate PR title
  run: |
    echo "Validating PR title: ${{ github.event.pull_request.title }}"
```

The intention of these lines was to print out the pull request titles being validated by our commit format checks. However, if a PR was opened with a title such as `$(echo "You've been compromised")`, the code would be executed within the workflow. We understood this once it was reported, but we did not fully understand how this would compromise any secrets, because the PR title validation workflow itself did not have access to any secrets.

#### Elevated Permissions via `pull_request_target`

```yaml
on:
  pull_request_target:
    types: [opened, edited, synchronize, reopened]
```

The `pull_request_target` trigger ([GitHub Docs](https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows#pull_request_target)) was used as a way to trigger the action to run whenever a PR was created or modified. However, what was missed is the warning that this trigger, unlike the standard `pull_request` trigger, runs workflows with elevated permissions, including a `GITHUB_TOKEN` which has read/write repository permission. Furthermore, the workflows are executed on the target repo of the PR (`nrwl/nx`), which means that the `GITHUB_TOKEN` had permissions for the `nrwl/nx` repo. In addition, the workflow is run using the version of the workflow available on the target branch, which is not necessarily `master`. We believe that the PR was made targeting an outdated branch which still contained the vulnerable workflow, despite the fact that the vulnerable workflow had been removed from `master`.

> Note: While the `GITHUB_TOKEN` had read/write capabilities, the `master` branch and other important branches have Branch Protection rules enabled, so the vulnerable workflow could not have written directly to `master`. We
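The impact checks and the version check described in the sections above, as an added shell helper that is not part of the advisory or of the Nx project: the version lists are the advisory's own, and `scan_workspace` assumes an installed `node_modules` tree to read package versions from.

```bash
#!/usr/bin/env bash
# Added triage helper (not from the advisory or the Nx project). Checks a
# workspace's installed nx packages against the advisory's malicious version
# lists and checks for the /tmp/inventory.txt indicator. Assumes a Node
# project directory with a node_modules tree.
set -u

# Versions published as malicious, copied from the advisory's lists.
NX_BAD="21.5.0 20.9.0 20.10.0 21.6.0 20.11.0 21.7.0 21.8.0 20.12.0"
NX_PLUGIN_BAD="21.5.0 20.9.0"   # @nx/devkit, @nx/js, @nx/workspace, @nx/node
NX_ESLINT_BAD="21.5.0"          # @nx/eslint
NX_KEY_BAD="3.2.0"              # @nx/key, @nx/enterprise-cloud

# is_bad_version PACKAGE VERSION -> exit 0 if that exact version is listed as malicious.
is_bad_version() {
  local pkg="$1" ver="$2" list v
  case "$pkg" in
    nx) list="$NX_BAD" ;;
    @nx/devkit|@nx/js|@nx/workspace|@nx/node) list="$NX_PLUGIN_BAD" ;;
    @nx/eslint) list="$NX_ESLINT_BAD" ;;
    @nx/key|@nx/enterprise-cloud) list="$NX_KEY_BAD" ;;
    *) return 1 ;;
  esac
  for v in $list; do [ "$v" = "$ver" ] && return 0; done
  return 1
}

# installed_version DIR PACKAGE -> prints the version from node_modules/<pkg>/package.json.
installed_version() {
  local pj="$1/node_modules/$2/package.json"
  [ -f "$pj" ] || return 1
  sed -n 's/.*"version":[[:space:]]*"\([^"]*\)".*/\1/p' "$pj" | head -n1
}

# scan_workspace DIR -> prints one "MALICIOUS: pkg@ver" line per hit; exit 0 if any hit.
scan_workspace() {
  local dir="$1" pkg ver found=1
  for pkg in nx @nx/devkit @nx/js @nx/workspace @nx/node @nx/eslint @nx/key @nx/enterprise-cloud; do
    ver="$(installed_version "$dir" "$pkg")" || continue
    if is_bad_version "$pkg" "$ver"; then echo "MALICIOUS: $pkg@$ver"; found=0; fi
  done
  return $found
}

# inventory_present [PATH] -> exit 0 if the malware's file list exists (default /tmp/inventory.txt).
inventory_present() { [ -f "${1:-/tmp/inventory.txt}" ]; }

if [ "${1:-}" ]; then
  scan_workspace "$1" && echo "Remove the listed versions, clear package caches and rotate credentials."
  inventory_present && echo "WARNING: /tmp/inventory.txt exists; treat this host as compromised."
fi
```

Run it as `./nx-check.sh /path/to/workspace`; a clean workspace prints nothing.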
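A shell illustration of the two workflow issues described above (the interpolated PR title and the `pull_request_target` trigger), added here and not taken from the advisory or the Nx repository: `run_unsafe` and `run_safe` reproduce the step's `run:` line with the title substituted into the script text versus passed through an `env:` variable, and `lint_workflow` is our own heuristic that flags both patterns in a workflow file.

```bash
#!/usr/bin/env bash
# Added example (not from the advisory or the Nx repository). Shows (1) why a
# PR title substituted into `run:` is executed and (2) a small lint for the two
# workflow issues the advisory describes. The sample title is the one quoted
# in the advisory; the lint rules are our own heuristic.
set -u

# Vulnerable pattern: Actions substitutes ${{ ... }} into the script text
# before bash parses it, so the title (here a function argument standing in
# for github.event.pull_request.title) becomes code and any $(...) in it runs.
run_unsafe() {
  bash -c "echo \"Validating PR title: $1\""
}

# Hardened pattern: put the expression in the step's `env:` block and reference
# the variable from the script; bash expands $PR_TITLE as data, never as code.
run_safe() {
  PR_TITLE="$1" bash -c 'echo "Validating PR title: $PR_TITLE"'
}

# lint_workflow FILE -> prints "file:line: finding" per hit; exit 0 if any hit.
# Hit 1: pull_request_target trigger (read/write GITHUB_TOKEN on the base repo).
# Hit 2: a github.event.* expression anywhere except as an `env:` mapping value.
lint_workflow() {
  awk '
    /pull_request_target:/ {
      printf "%s:%d: pull_request_target grants a read/write GITHUB_TOKEN to PR-driven runs\n", FILENAME, NR; n++ }
    /[$][{][{][ \t]*github\.event\./ && !/^[ \t]*[A-Za-z_][A-Za-z0-9_]*:[ \t]*[$][{][{]/ {
      printf "%s:%d: github.event.* expression interpolated into script text; move it to env:\n", FILENAME, NR; n++ }
    END { exit (n ? 0 : 1) }
  ' "$1"
}

# Demo with the title quoted in the advisory, then lint any workflow files given.
title="\$(echo \"You've been compromised\")"
echo "unsafe: $(run_unsafe "$title")"
echo "safe:   $(run_safe "$title")"
for f in "$@"; do lint_workflow "$f" || echo "$f: no findings"; done
```

The unsafe line prints the command substitution's output, while the safe line prints the title verbatim; the lint reports the file and line of each hit so the `env:` fix and the trigger change can be applied in place.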

Metadata

Created: 2025-08-27T16:42:47Z
Modified: 2025-09-01T20:11:14Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/08/GHSA-cxm3-wv7p-598c/GHSA-cxm3-wv7p-598c.json
CWE IDs: ["CWE-506"]
Alternative ID: N/A
Finding: F448
Auto approve: 1