Description
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/504
Related Vulnerabilities
CVE-2020-36144 Vulnerability in npm package redash
CVE-2020-2289 Vulnerability in maven package org.biouno:uno-choice
CVE-2016-6793 Vulnerability in maven package org.apache.wicket:wicket-util
CVE-2020-4051 Vulnerability in npm package dijit
CVE-2023-33695 Vulnerability in maven package cn.hutool:hutool-core