
GHSA-h6m3-cx24-9626: Malicious Package in js-sla3

CVSS Score (v3.1): 9.8

Basic Information

CVE ID: -
EPSS Score: -
Published: 9/3/2020
Updated: 1/9/2023
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name: js-sla3
Ecosystem: npm
Vulnerable Versions: >= 0.0.0
First Patched Version: -

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The advisory describes embedded malicious code (CWE-506) but provides no source code, commit diffs, or specific function names. While the attack pattern suggests Ethereum transaction-related functions would be involved (e.g., wallet interaction or transaction signing), the lack of concrete technical details about the package's implementation makes it impossible to identify specific vulnerable functions with high confidence. Malicious behavior could be implemented in install scripts, runtime hooks, or obfuscated code not directly exposed through function APIs.

Vulnerable functions

Only Miggo users can see this section.

WAF Protection Rules

WAF Rule

Version *.*.* contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user.

Recommendation

Remove the package from your environment. Ensure no Ethereum funds were co
