Affected script: "install-scripts:preinstall"
The script uses curl to send the contents of the '/etc/passwd' file to a remote server. This file contains user account information on a Unix-like system, which can be sensitive. Transmitting this file to an external host is a major security concern as it can lead to information disclosure and potential account compromise.
@atea/warranty-form
's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.Name | Version | Size | License | Type | Vulnerabilities |
---|