Description
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry.
Remediation
References
https://nodesecurity.io/advisories/481
Related Vulnerabilities
CVE-2021-23341 Vulnerability in npm package prismjs
CVE-2019-0192 Vulnerability in maven package org.apache.solr:solr-core
CVE-2022-21680 Vulnerability in npm package marked
CVE-2018-20676 Vulnerability in maven package org.webjars.bowergithub.angular-ui:bootstrap
CVE-2020-15232 Vulnerability in maven package org.mapfish.print:print-standalone