CNNVD-202509-1998 Information
CNNVD ID
CNNVD-202509-1998
Related CVE
- CNNVD Published: 2025-09-15
Description (Chinese)
Backslash是Josh Junon个人开发者的一个解析反斜杠字符串的工具。 Backslash 0.2.1版本存在安全漏洞,该漏洞源于恶意软件有效载荷可能导致加密货币交易重定向。
Description (English)
Backslash is a tool used by Josh Junon’s personal developer to parse backslash strings. Backslash 0.2.1 has a security loophole, which results from a malicious software payload that may lead to a redirection of encrypted currency transactions.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-09-15
Last Modified
2026-02-24
References
https://socket.dev/blog/npm-author-qix-compromised-in-major-supply-chain-attack https://github.com/Qix-/node-backslash/security/advisories/GHSA-53mq-f4w3-f7qv https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised https://www.ox.security/blog/npm-packages-compromised https://github.com/debug-js/debug/issues/1005
Patch
https://github.com/Qix-/node-backslash/releases
Share on: