Description
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/505
Related Vulnerabilities
CVE-2022-38545 Vulnerability in npm package valine
CVE-2020-15096 Vulnerability in npm package electron
CVE-2022-31142 Vulnerability in npm package @fastify/bearer-auth
CVE-2017-3151 Vulnerability in maven package org.apache.atlas:apache-atlas
CVE-2020-1948 Vulnerability in maven package org.apache.dubbo:dubbo-rpc-api