GHSA-wfjh-3hq2-r276

Опубликовано: 03 сент. 2020

Источник: github

Github: Прошло ревью

CVSS3: 9.8

Описание

Malicious Package in node-spdy

This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.

Remove the package from your environment. There are no indications of further compromise.

Наименование

node-spdy

npm

Затронутые версииВерсия исправления

>= 0.0.0

Отсутствует

9.8 Critical

CVSS3

CWE-506

9.8 Critical

CVSS3

CWE-506