Description
gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/498
Related Vulnerabilities
CVE-2023-22621 Vulnerability in npm package @strapi/plugin-email
CVE-2021-21166 Vulnerability in maven package org.webjars.npm:electron
CVE-2020-9498 Vulnerability in maven package org.apache.guacamole:guacamole
CVE-2021-31409 Vulnerability in maven package com.vaadin:vaadin-compatibility-server
CVE-2019-10373 Vulnerability in maven package org.jenkins-ci.plugins:build-pipeline-plugin