Description
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry.
Remediation
References
https://nodesecurity.io/advisories/481
Related Vulnerabilities
CVE-2019-3868 Vulnerability in maven package org.keycloak:keycloak-services
CVE-2020-7641 Vulnerability in npm package grunt-util-property
CVE-2019-19771 Vulnerability in npm package riped160
CVE-2017-12158 Vulnerability in maven package org.keycloak:keycloak-server-spi-private
CVE-2023-48796 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-master