Description
nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/484
Related Vulnerabilities
CVE-2020-7640 Vulnerability in npm package pixl-class
CVE-2022-25860 Vulnerability in npm package simple-git
CVE-2021-21162 Vulnerability in maven package org.webjars.npm:electron
CVE-2017-16030 Vulnerability in maven package org.webjars.npm:useragent
CVE-2022-25863 Vulnerability in npm package gatsby-plugin-mdx