Description
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/503
Related Vulnerabilities
CVE-2020-1913 Vulnerability in npm package hermes-engine
CVE-2016-10540 Vulnerability in maven package org.webjars:minimatch
CVE-2023-33779 Vulnerability in maven package com.xuxueli:xxl-job
CVE-2019-15607 Vulnerability in npm package node-red
CVE-2020-2133 Vulnerability in maven package com.applatix.jenkins:applatix