Description
ffmepg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/507
Related Vulnerabilities
CVE-2020-10714 Vulnerability in maven package org.wildfly.security:wildfly-elytron
CVE-2017-16148 Vulnerability in npm package serve46
CVE-2022-31083 Vulnerability in npm package parse-server
CVE-2019-19771 Vulnerability in npm package hdkye
CVE-2022-31160 Vulnerability in maven package org.webjars:jquery-ui