Malicious Package in nodes.js

2020-09-03T18:13:41
ID GHSA-38VQ-CJH5-VW7X
Type github
Reporter GitHub Advisory Database
Modified 2020-09-03T18:13:41

Description

All versions of nodes.js contain malicious code. The package searches and installs globally thousands of packages based on keywords node, react, react-native, vue, angular and babel to fill the system's memory.

Recommendation

Remove the package from your environment and validate what packages are installed.