Description
tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/500
Related Vulnerabilities
CVE-2019-12421 Vulnerability in maven package org.apache.nifi:nifi-web-security
CVE-2023-32081 Vulnerability in maven package io.vertx:vertx-stomp
CVE-2018-11537 Vulnerability in maven package org.webjars.bower:angular-jwt
CVE-2022-34188 Vulnerability in maven package org.jenkins-ci.plugins:hidden-parameter
CVE-2023-33005 Vulnerability in maven package org.jenkins-ci.plugins:wso2id-oauth