Affected script: "install-scripts:preinstall"
The script uses curl
to send the contents of the /etc/passwd
file from the local machine to a remote server. The /etc/passwd
file in Unix-like operating systems contains user account information and is often readable by any user on the system (although passwords are not stored in this file on modern systems, they are in /etc/shadow
, which is typically only accessible by root). This could expose user names and other potentially sensitive information. The hostname is used to form a unique subdomain for the data exfiltration, indicating an attempt to transmit this data stealthily to an attacker-controlled server. This constitutes a security vulnerability.
@atea/common-design-components
's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.Name | Version | Size | License | Type | Vulnerabilities |
---|