Description
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/503
Related Vulnerabilities
CVE-2023-46494 Vulnerability in npm package @evershop/evershop
CVE-2018-11775 Vulnerability in maven package org.apache.activemq:activemq-client
CVE-2023-44487 Vulnerability in maven package io.helidon.http:helidon-http-http2
CVE-2018-20801 Vulnerability in maven package org.webjars:highcharts
CVE-2022-36010 Vulnerability in npm package react-editable-json-tree