Description
http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/514
Related Vulnerabilities
CVE-2021-29506 Vulnerability in maven package com.graphhopper:graphhopper-nav
CVE-2022-29823 Vulnerability in npm package feathers-sequelize
CVE-2019-10367 Vulnerability in maven package io.jenkins:configuration-as-code
CVE-2021-32014 Vulnerability in npm package xlsx
CVE-2023-43123 Vulnerability in maven package org.apache.storm:storm-core