Description
babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/499
Related Vulnerabilities
CVE-2019-1003005 Vulnerability in maven package org.jenkins-ci.plugins:script-security
CVE-2012-0392 Vulnerability in maven package com.opensymphony:xwork-core
CVE-2022-25851 Vulnerability in maven package org.webjars.npm:jpeg-js
CVE-2020-28496 Vulnerability in npm package three
CVE-2023-36478 Vulnerability in maven package org.eclipse.jetty.http2:http2-hpack