Name of the Vulnerable Software and Affected Versions bowee version 1.8.4

Description The issue concerns malicious code in the preinstall script of the affected software. This code downloads a file from a remote server, executes it, and opens a backdoor, potentially leading to a full compromise of the computer.

Recommendations For version 1.8.4, consider the computer fully compromised and rotate all secrets and keys stored on it immediately from a different computer. Remove the package, but be aware that this may not remove all malicious software resulting from its installation.