Description
nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/509
Related Vulnerabilities
CVE-2020-10705 Vulnerability in maven package io.undertow:undertow-core
CVE-2021-22569 Vulnerability in maven package com.google.protobuf:protobuf-java
CVE-2021-43307 Vulnerability in npm package semver-regex
CVE-2017-4974 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-server
CVE-2023-45277 Vulnerability in maven package org.yamcs:yamcs-core