Loading npm security reports…
This document describes the management of vulnerabilities for the project and all modules within the organization.
Runtime use of the exported middleware silently launches a detached child process. That process downloads JavaScript from a Base64-obscured URL and executes it with Node's `require` capability.
Source decodes a Base64-obscured HTTP endpoint at runtime.
lib/caller.jsView on unpkg · L2Source fingerprint signature matches a known malicious package signature; route for source-aware review.
index.jsView on unpkgSource decodes a Base64-obscured HTTP endpoint at runtime.
lib/caller.jsView on unpkg · L2Source fingerprint signature matches a known malicious package signature; route for source-aware review.
index.jsView on unpkg