Description
gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/498
Related Vulnerabilities
CVE-2016-10669 Vulnerability in npm package soci
CVE-2014-9515 Vulnerability in maven package com.github.dozermapper:dozer-parent
CVE-2019-5479 Vulnerability in npm package larvitbase-api
CVE-2020-7961 Vulnerability in maven package com.liferay.portal:com.liferay.portal.impl
CVE-2020-26939 Vulnerability in maven package org.bouncycastle:bcprov-jdk14