Description
nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/509
Related Vulnerabilities
CVE-2014-3558 Vulnerability in maven package org.hibernate:hibernate-validator
CVE-2012-3451 Vulnerability in maven package org.apache.cxf:cxf-rt-bindings-soap
CVE-2019-10322 Vulnerability in maven package org.jenkins-ci.plugins:artifactory
CVE-2020-36180 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2023-23847 Vulnerability in maven package org.jenkins-ci.plugins:synopsys-coverity