Description
mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/516
Related Vulnerabilities
CVE-2018-14731 Vulnerability in npm package parcel-bundler
CVE-2022-25979 Vulnerability in npm package jsuites
CVE-2022-36910 Vulnerability in maven package org.jenkins-ci.plugins:lucene-search
CVE-2021-23329 Vulnerability in npm package nested-object-assign
CVE-2022-0436 Vulnerability in maven package org.webjars.npm:grunt