Name of the Vulnerable Software and Affected Versions reques (affected versions not specified)

Description The reques package is a typosquatted version of a popular package with a similar name. It tracks users who have installed the incorrect package and uploads information to a remote server, including the name of the downloaded package, the name of the intended package, the Node version, and whether the process is running as sudo. There is no further compromise.

Recommendations Remove the reques package from your dependencies. Always ensure package names are typed correctly upon installation.