Description
`sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/486
Related Vulnerabilities
CVE-2020-2170 Vulnerability in maven package org.jenkins-ci.plugins:rapiddeploy-jenkins
CVE-2022-4640 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2014-3558 Vulnerability in maven package org.hibernate:hibernate-validator
CVE-2021-23352 Vulnerability in npm package madge
CVE-2012-5817 Vulnerability in maven package org.codehaus.xfire:xfire-core