2 matches found
Malicious code in maya-teh57-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d690d0f8d5149d943837d63f1d137b75a7cb398a5dcb272c403f9935cbfec5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. This can occur when used with untrusted input, due to unsafe PAC file handling. In order to exploit this vulnerability in practice, this either requires an attacker on your local network, a specific vulnerable...