Description
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/505
Related Vulnerabilities
CVE-2017-16082 Vulnerability in npm package pg
CVE-2018-16487 Vulnerability in npm package lodash.merge
CVE-2022-1274 Vulnerability in maven package org.keycloak:keycloak-themes
CVE-2017-5878 Vulnerability in maven package org.red5:red5-server
CVE-2020-2239 Vulnerability in maven package org.jenkins-ci.plugins:parameterized-remote-trigger