Description
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/503
Related Vulnerabilities
CVE-2020-26237 Vulnerability in npm package highlight.js
CVE-2023-26127 Vulnerability in npm package n158
CVE-2023-37903 Vulnerability in npm package vm2
CVE-2020-2244 Vulnerability in maven package org.jenkins-ci.plugins:build-failure-analyzer
CVE-2020-35451 Vulnerability in maven package org.apache.oozie:oozie-tools