Description
nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/511
Related Vulnerabilities
CVE-2022-25647 Vulnerability in maven package com.google.code.gson:gson
CVE-2022-24822 Vulnerability in npm package @podium/layout
CVE-2022-23708 Vulnerability in maven package org.elasticsearch:elasticsearch
CVE-2016-10582 Vulnerability in npm package closurecompiler
CVE-2016-15025 Vulnerability in npm package generator-hottowel