Description

discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin.

Remediation

References

https://nodesecurity.io/advisories/545

Related Vulnerabilities

CVE-2022-31108 Vulnerability in npm package mermaid

CVE-2016-10658 Vulnerability in npm package native-opencv

CVE-2022-23487 Vulnerability in npm package libp2p

CVE-2018-20318 Vulnerability in maven package com.github.binarywang:weixin-java-common

CVE-2023-23936 Vulnerability in maven package org.webjars.npm:undici

Severity

High

Classification

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Tags

Third Party Advisory NVD-CWE-noinfo