Description
`sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/486
Related Vulnerabilities
CVE-2021-23337 Vulnerability in maven package org.fujion.webjars:lodash
CVE-2022-41878 Vulnerability in npm package parse-server
CVE-2020-1948 Vulnerability in maven package org.apache.dubbo:dubbo-rpc-dubbo
CVE-2018-1000006 Vulnerability in maven package org.webjars.npm:electron
CVE-2022-23082 Vulnerability in maven package io.whitesource:curekit