Description
`nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/488
Related Vulnerabilities
CVE-2022-25758 Vulnerability in maven package org.webjars.npm:scss-tokenizer
CVE-2021-32732 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui
CVE-2017-5653 Vulnerability in maven package org.apache.cxf:cxf-rt-rs-security-xml
CVE-2017-5651 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2021-41183 Vulnerability in maven package org.webjars.bower:jquery-ui