Description
tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/500
Related Vulnerabilities
CVE-2022-33140 Vulnerability in maven package org.apache.nifi:nifi-shell-authorizer
CVE-2019-1003045 Vulnerability in maven package de.eacg:ecs-publisher
CVE-2022-44621 Vulnerability in maven package org.apache.kylin:kylin-server-base
CVE-2023-31065 Vulnerability in maven package org.apache.inlong:manager-service
CVE-2019-3888 Vulnerability in maven package io.undertow:undertow-core