Description
`node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/489
Related Vulnerabilities
CVE-2021-23353 Vulnerability in maven package org.webjars.bowergithub.mrrio:jspdf
CVE-2020-7693 Vulnerability in npm package sockjs
CVE-2022-26884 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-server
CVE-2018-1321 Vulnerability in maven package org.apache.syncope:syncope-core
CVE-2020-5230 Vulnerability in maven package org.opencastproject:base