Description
nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/484
Related Vulnerabilities
CVE-2021-37580 Vulnerability in maven package org.apache.shenyu:shenyu-admin
CVE-2022-22881 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base
CVE-2022-39944 Vulnerability in maven package org.apache.linkis:linkis-engineplugin-jdbc
CVE-2019-10773 Vulnerability in npm package @pnpm/package-bins
CVE-2020-11022 Vulnerability in maven package org.webjars.npm:jquery