Description
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/504
Related Vulnerabilities
CVE-2015-8851 Vulnerability in maven package org.webjars.bower:node-uuid
CVE-2017-16122 Vulnerability in npm package cuciuci
CVE-2017-16013 Vulnerability in npm package hapi
CVE-2019-20364 Vulnerability in maven package org.igniterealtime.openfire:xmppserver
CVE-2022-32210 Vulnerability in maven package org.webjars.npm:undici