Description
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/503
Related Vulnerabilities
CVE-2020-7779 Vulnerability in npm package djvalidator
CVE-2019-1003034 Vulnerability in maven package org.jenkins-ci.plugins:job-dsl
CVE-2016-10598 Vulnerability in npm package arrayfire-js
CVE-2022-23437 Vulnerability in maven package xerces:xercesimpl
CVE-2021-21697 Vulnerability in maven package org.jenkins-ci.main:jenkins-core