<p>There is no fixed version for <code>npmpubman</code>.</p>

Malicious Package Affecting npmpubman package, versions *

Snyk CVSS

Attack Complexity Low

Confidentiality High

Integrity High

Availability High

Threat Intelligence

Exploit Maturity Mature

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-JS-NPMPUBMAN-1018835
published 16 Oct 2020
disclosed 15 Oct 2020
credit Unknown

Report a new vulnerability Found a mistake?

Introduced: 15 Oct 2020

Malicious CWE-506 Open this link in a new tab

How to fix?

There is no fixed version for npmpubman.

Overview

npmpubman is a malicious package. All versions of npmpubman contain malicious code. The index.js file sends local environment variables to a remote server. The file is not run upon installation - the package needs to be required or the index.js run manually.