colors_express@0.0.1-security vulnerabilities
security holding package
-
latest version
0.0.1-security
-
first published
2 years ago
-
latest version published
2 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the colors_express package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
colors_express is a malicious package. This package uses "typosquatting" to bait unaware users to install it. This package contains a Discord info-stealing malware code that iterates over local storage folders of common browsers (Chrome, Opera, Brave, Yandex) and Discord-specific folders. How to fix Malicious Package? Avoid using all malicious instances of the |
*
|