VYPR

npm package

cofeescript

pkg:npm/cofeescript

Malware

1 malicious version on record

One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.

Vulnerabilities (1)

  • CVE-2017-16202HigJun 7, 2018

    The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.