VYPR

npm package

coffe-script

pkg:npm/coffe-script

Malware

1 malicious version on record

One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.

Vulnerabilities (1)

  • CVE-2017-16203HigJun 7, 2018

    The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.