How severe is CVE-2017-16207?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2017-16207?

This is classified as CWE-506, which is a common weakness in software security.

CVE-2017-16207

HIGH Year: 2017

CVSS v3 Score

7.3

High

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-506

View all →

Vulnerability Description

discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin.

CVE-2017-16044

HIGH

CVSS:7.5(High)

`d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.

CWE-5062017

CVE-2017-16045

HIGH

CVSS:7.5(High)

`jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.

CWE-5062017

CVE-2017-16046

HIGH

CVSS:7.5(High)

`mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.

CWE-5062017

CVE-2017-16047

HIGH

CVSS:7.5(High)

mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.

CWE-5062017

CVE-2017-16048

HIGH

CVSS:7.5(High)

`node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.

CWE-5062017

CVE-2017-16049

HIGH

CVSS:7.5(High)

`nodesqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.

CWE-5062017

CVE-2017-16207

Vulnerability Description

Related Vulnerabilities

CVE-2017-16044

CVE-2017-16045

CVE-2017-16046

CVE-2017-16047

CVE-2017-16048

CVE-2017-16049