GHSA-mfc2-93pr-jf92 – loadyaml
Package
Manager: npm
Name: loadyaml
Vulnerable Version: <0
Severity
Level: Critical
CVSS v3.1: N/A
CVSS v4.0: N/A
EPSS: N/A (percentile: N/A)
Details
Malicious code in `loadyaml`
npm packages `loadyaml` and `electorn` were removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information:
- IP and IP-based geolocation
- home directory name
- local username
The malicious packages have been removed from the npm registry and the leaked content removed from GitHub.
Metadata
Created: 2020-10-01T17:10:15Z
Modified: 2020-10-01T17:09:29Z
Source: MANUAL
CWE IDs: ["CWE-506"]
Alternative ID: N/A
Finding: N/A
Auto approve: 0