0.5.4
1 months ago
28 days ago
Known vulnerabilities in the @zynkit/jwtbytes package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
@zynkit/jwtbytes is a malicious package.
This package contains malicious code and is part of a coordinated npm supply-chain campaign. It ships an obfuscated Impact The infostealer targets crypto wallets, browser credentials, cloud tokens, SSH keys, and developer credentials (npm, Note
How to fix Malicious Package? Avoid using all malicious instances of the | =0.4.3=0.5.1=0.5.2=0.5.3=0.5.4 |