mep-widget-localizer@0.0.1-security vulnerabilities
security holding package
-
latest version
0.0.1-security
-
first published
2 years ago
-
latest version published
2 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the mep-widget-localizer package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
mep-widget-localizer is a malicious package. The package exfiltrates information such as username, operating system, hostname and spawns a reverse shell to a hardcoded IP address. How to fix Malicious Package? Avoid using all malicious instances of the |
*
|