Severity
Medium
Description
Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.
Suggestion
Ensure that native code bindings are expected. Consumers may consider pure JS and functionally similar alternatives to avoid the challenges and risks associated with native code bindings.
Packages with this alert
ImageMagick's Magick++ bindings for NodeJS
IMMUNIO protects your web app from security vulnerabilities by monitoring requests in realtime. After a two minute installation, your application will be protected from many of the top classes of attacks, including Cross-Site Scripting (XSS), SQL Injectio
Informix native node.js driver
inotify bindings for the new v8 javascript engine
inotify bindings for the new v8 javascript engine