Description
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/510
Related Vulnerabilities
CVE-2017-16114 Vulnerability in npm package marked
CVE-2018-1000136 Vulnerability in npm package electron
CVE-2022-43433 Vulnerability in maven package io.jenkins.plugins:screenrecorder
CVE-2017-7656 Vulnerability in maven package org.eclipse.jetty:jetty-server
CVE-2022-28220 Vulnerability in maven package org.apache.james.protocols:protocols-netty