Описание
Malicious Package in sdfjghlkfjdshlkjdhsfg
All versions of sdfjghlkfjdshlkjdhsfg contain malicious code. The package is essentially a worm that fetches all packages owned by the user, adds a script to self-replicate as a preinstall script and publishes a new version.
Recommendation
Remove the package from your environment and ensure all packages owned were not impacted.
Пакеты
Наименование
sdfjghlkfjdshlkjdhsfg
npm
Затронутые версииВерсия исправления
>= 0.0.0
Отсутствует
9.8 Critical
CVSS3
Дефекты
CWE-506
9.8 Critical
CVSS3
Дефекты
CWE-506