flatmap-stream@0.0.1-security vulnerabilities

security holding package

latest version

0.0.1-security
first published

5 years ago
latest version published

5 years ago
licenses detected
- Unknown
  >=0
View flatmap-stream package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the flatmap-stream package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
C Malicious Package `flatmap-stream` is a malicious package which was used in order to steal bitcoins from wallets. The malicious code was able to check if the `copay-dash` package was installed, and then attempt to steal the bitcoins stored in it. It was distributed by hijacking the popular `event-stream` package and adding `flatmap-stream` as a dependency. You can read more about the malicious code on our blog. How to fix Malicious Package? Avoid using any version of `flatmap-stream` and version `3.3.6` of `event-stream`.	*

Malicious Package

flatmap-stream is a malicious package which was used in order to steal bitcoins from wallets. The malicious code was able to check if the copay-dash package was installed, and then attempt to steal the bitcoins stored in it. It was distributed by hijacking the popular event-stream package and adding flatmap-stream as a dependency.

You can read more about the malicious code on our blog.

How to fix Malicious Package?

Avoid using any version of flatmap-stream and version 3.3.6 of event-stream.

Go back to all versions of this package

flatmap-stream@0.0.1-security vulnerabilities

security holding package

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities