https://github.com/advisories/GHSA-g2q5-5433-rhrf

Skip to content
 
GHSA-g2q5-5433-rhrf
Sign up

  * Why GitHub?
    Features -
      + Mobile -
      + Actions -
      + Codespaces -
      + Packages -
      + Security -
      + Code review -
      + Issues -
      + Integrations -
      + GitHub Sponsors -
      + Customer stories-
  * Team
  * Enterprise
  * Explore
      + Explore GitHub -

    Learn and contribute

      + Topics -
      + Collections -
      + Trending -
      + Learning Lab -
      + Open source guides -

    Connect with others

      + The ReadME Project -
      + Events -
      + Community forum -
      + GitHub Education -
      + GitHub Stars program -
  * Marketplace
  * Pricing
    Plans -
      + Compare plans -
      + Contact Sales -
      + Education -

[                    ] 

  *  
    #
    Search All GitHub |
    Jump to |

  * No suggested jump to results

  *  
    #
    Search All GitHub |
    Jump to |
  *  
    #
    Search All GitHub |
    Jump to |
  *  
    #
    Search All GitHub |
    Jump to |

Sign in
Sign up
{{ message }}

 1. GitHub Advisory Database
 2. GHSA-g2q5-5433-rhrf

Embedded malware in rc

critical severity Published Nov 4, 2021 * Updated Nov 4, 2021
Vulnerability details Dependabot alerts 0
We are still processing this advisory. You may have affected
repositories that are not yet on this list. Check back soon for more.

Package

rc (npm)

Affected versions

= 1.2.9
= 1.3.9
= 2.3.9

Patched versions

None

Description

The npm package rc had versions published with malicious code. Users
of affected versions (1.2.9, 1.3.9, and 2.3.9) should downgrade to
1.2.8 as soon as possible and check their systems for suspicious
activity.
Any computer that has this package installed or running should be
considered fully compromised. All secrets and keys stored on that
computer should be rotated immediately from a different computer. The
package should be removed, but as full control of the computer may
have been given to an outside entity, there is no guarantee that
removing the package will remove all malicious software resulting
from installing it.

References

  * https://github.com/dominictarr/rc
  * https://www.npmjs.com/package/rc
  * https://www.virustotal.com/gui/file/
    26451f7f6fe297adf6738295b1dcc70f7678434ef21d8b6aad5ec00beb8a72cf?
    nocache=1

GHSA ID

GHSA-g2q5-5433-rhrf

CWEs

CWE-506

  * (c) 2021 GitHub, Inc.
  * Terms
  * Privacy
  * Security
  * Status
  * Docs

 

  * Contact GitHub
  * Pricing
  * API
  * Training
  * Blog
  * About

You can't perform that action at this time.
You signed in with another tab or window. Reload to refresh your
session. You signed out in another tab or window. Reload to refresh
your session.