The node-tkinter
packages is a malicious typo-squatting package. The package uses a similar name to the original library so that developers may mistake them for the real one but have malicious actions under the hood such as stealing environment variables.
CPE | Name | Operator | Version |
---|---|---|---|
node-tkinter | le | 1.0.2 |