Description
The module botbait is a tool to be used to track bot and automated tools usage with-in the npm ecosystem. botbait is known to record and track user information. The module tracks the following information. Source IP process.versions process.platform How the module was invoked (test, require, pre-install)
Remediation
References
https://nodesecurity.io/advisories/483
Related Vulnerabilities
CVE-2022-25927 Vulnerability in maven package org.webjars.npm:github-com-faisalman-ua-parser-js
CVE-2019-0205 Vulnerability in maven package org.apache.thrift:libthrift
CVE-2019-12395 Vulnerability in maven package us.dynmap:dynmap
CVE-2021-23760 Vulnerability in npm package keyget
CVE-2019-10400 Vulnerability in maven package org.jenkins-ci.plugins:script-security