Description
ffmepg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/507
Related Vulnerabilities
CVE-2021-21175 Vulnerability in npm package electron
CVE-2017-14868 Vulnerability in maven package org.restlet.osgi:org.restlet
CVE-2019-15658 Vulnerability in npm package connect-pg-simple
CVE-2020-13933 Vulnerability in maven package org.apache.shiro:shiro-web
CVE-2016-1000232 Vulnerability in maven package org.webjars.npm:tough-cookie