The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-506,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cofeescript_project | cofeescript | 0.0.1 |