Description
`d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/497
Related Vulnerabilities
CVE-2023-25576 Vulnerability in npm package @fastify/multipart
CVE-2022-39202 Vulnerability in npm package matrix-appservice-irc
CVE-2017-16067 Vulnerability in npm package node-opencv
CVE-2021-23632 Vulnerability in npm package git
CVE-2023-0044 Vulnerability in maven package io.quarkus:quarkus-vertx-http