GHSA-322M-P39J-R5M2 npm-script-demo is malware

The npm-script-demo package is a piece of malware that opens a connection to a command and control server and executed the instructions it is given. It has been removed from the npm registry. Recommendation Any computer that has this package installed or running should be considered fully...

Unspecified vulnerability in npm-script-demo

npm-script-demo is a package. A security vulnerability exists in npm-script-demo. No details of the vulnerability are provided at this time...

Malicious JavaScript Package Detection

Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Design/Logic Flaw

The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry...

CVE-2017-16128

The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry...

System Compromise

npm-script-demo compromises the system. It is possible because the module can create an unauthorized connection to a command and control server when it is installed...