VYPR

npm package

cofee-script

pkg:npm/cofee-script

Malware

1 malicious version on record

One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.

Vulnerabilities (1)

  • CVE-2017-16206HigJun 7, 2018

    The cofee-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.