MidnightBSD

Advisories for coffescript_project

CVE-2017-16203 MEDIUM

The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-506,CWE-200,

Products Affected

Vendor Product Version
coffescript_project coffescript 1.0.1
CVE-2017-16205 MEDIUM

The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-506,CWE-200,

Products Affected

Vendor Product Version
coffescript_project coffescript 1.0.1
CVE-2017-16206 MEDIUM

The cofee-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
coffescript_project coffescript 1.0.1