logo

Database

Use of software with malware In nodemailer-js

Description

nodemailer-js is malware The nodemailer-js package is a piece of malware that steals environment variables and sends them to attacker controlled locations.

All versions have been unpublished from the npm registry.

Recommendation

As this package is malware, if you find it installed in your environment, the real security concern is determining how it got there.

If you have found this installed in your environment, you should:

    Delete the package

    Clear your npm cache

    Ensure it is not present in any other package.json files on your system

    Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been present in your environment variables.

Additionally, any service which may have been exposed via credentials in your environment variables, such as a database, should be reviewed for indicators of compromise as well.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. CVE-2017-160712. NVD-2017-160713. OSV-2017-160714. GHSA-xh56-3f5w-9h255. GCVE-2017-16071

References

1. https://www.npmjs.com/advisories/510

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.