Description
nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/484
Related Vulnerabilities
CVE-2018-16490 Vulnerability in npm package mpath
CVE-2020-27216 Vulnerability in maven package jetty:jetty
CVE-2020-2146 Vulnerability in maven package fr.edf.jenkins.plugins:mac
CVE-2020-7733 Vulnerability in npm package ua-parser-js
CVE-2021-27905 Vulnerability in maven package org.apache.solr:solr-core