Description
`node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/489
Related Vulnerabilities
CVE-2018-1002200 Vulnerability in maven package org.codehaus.plexus:plexus-archiver
CVE-2017-7658 Vulnerability in maven package org.eclipse.jetty:jetty-server
CVE-2018-7408 Vulnerability in npm package npm
CVE-2018-1000844 Vulnerability in maven package com.squareup.retrofit2:converter-jaxb
CVE-2018-12585 Vulnerability in maven package org.opcfoundation.ua:opc-ua-stack