Uploaded image for project: 'Compass '
  1. Compass
  2. COMPASS-3321

Malicious event-stream package in compass and compass-connect repositories

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 1.17.0, 1.18.0
    • Affects Version/s: None
    • Component/s: None
    • None
    • Iteration Sriracha

      Snyk has indicated that the compass and compass-connect repositories are affected by the issue outlined https://app.snyk.io/vuln/SNYK-JS-EVENTSTREAM-72638 , https://snyk.io/vuln/SNYK-JS-FLATMAPSTREAM-72637 and https://www.theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/ .

      Can you please check these repositories and resolve the issue?

      Thanks

            Assignee:
            durran.jordan@mongodb.com Durran Jordan
            Reporter:
            robert.dong@mongodb.com Robert Dong (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: