Description
`nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/488
Related Vulnerabilities
CVE-2021-46708 Vulnerability in maven package org.webjars.npm:swagger-ui
CVE-2012-5817 Vulnerability in maven package org.codehaus.xfire:xfire-core
CVE-2020-13956 Vulnerability in maven package org.apache.httpcomponents.client5:httpclient5
CVE-2014-3623 Vulnerability in maven package org.apache.ws.security:wss4j
CVE-2022-22881 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base