load-from-cwd-or-npm is a package that can be used to load a module from either CWD or npm CLI directory.
Affected versions of this package are Malicious.
Version 3.0.2 of the packge was found to contain malicous code. The malicious code when executed, breaks functionality of the
purescript-installer package by injecting targeted code.
load-from-cwd-or-npm version 3.0.2 altogether. Furthermore, upgrade
load-from-cwd-or-npm to version 3.0.4 or higher.
- Harry Garood
- Snyk ID
- 17 Jul, 2019
- 18 Jul, 2019