Description
gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/498
Related Vulnerabilities
CVE-2016-10626 Vulnerability in npm package mystem3
CVE-2018-20676 Vulnerability in maven package org.webjars.npm:bootstrap
CVE-2021-44548 Vulnerability in maven package org.apache.solr:solr-core
CVE-2020-7746 Vulnerability in npm package chart.js
CVE-2013-1966 Vulnerability in maven package com.opensymphony:xwork-core