Description
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/503
Related Vulnerabilities
CVE-2017-11341 Vulnerability in npm package node-sass
CVE-2022-39249 Vulnerability in npm package matrix-js-sdk
CVE-2023-27095 Vulnerability in maven package cn.hippo4j:hippo4j-core
CVE-2022-24718 Vulnerability in npm package @finastra/ssr-pages
CVE-2022-24198 Vulnerability in maven package com.itextpdf:itext7-core