Description
The module botbait is a tool to be used to track bot and automated tools usage with-in the npm ecosystem. botbait is known to record and track user information. The module tracks the following information. Source IP process.versions process.platform How the module was invoked (test, require, pre-install)
Remediation
References
https://nodesecurity.io/advisories/483
Related Vulnerabilities
CVE-2021-23648 Vulnerability in npm package @braintree/sanitize-url
CVE-2020-2297 Vulnerability in maven package com.hoiio.jenkins:sms
CVE-2018-3746 Vulnerability in npm package pdfinfojs
CVE-2020-9497 Vulnerability in maven package org.apache.guacamole:guacamole
CVE-2020-13935 Vulnerability in maven package org.apache.tomcat:tomcat-coyote