Description
node-tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/501
Related Vulnerabilities
CVE-2020-7640 Vulnerability in npm package fun-map
CVE-2015-0886 Vulnerability in maven package org.mindrot:jbcrypt
CVE-2016-10683 Vulnerability in npm package arcanist
CVE-2019-19771 Vulnerability in npm package hdkye
CVE-2023-25762 Vulnerability in maven package org.jenkins-ci.plugins:pipeline-build-step