GHSA-5jgp-pg4f-q8vj

Опубликовано: 03 сент. 2020

Источник: github

Github: Прошло ревью

CVSS3: 9.8

Описание

Malicious Package in node-ftp

This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.

Remove the package from your environment. There are no indications of further compromise.

Наименование

node-ftp

npm

Затронутые версииВерсия исправления

>= 0.0.0

Отсутствует

9.8 Critical

CVSS3

CWE-506

9.8 Critical

CVSS3

CWE-506