Description
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/503
Related Vulnerabilities
CVE-2016-6347 Vulnerability in maven package org.jboss.resteasy:resteasy-jaxrs
CVE-2020-28278 Vulnerability in npm package shvl
CVE-2018-3722 Vulnerability in npm package merge-deep
CVE-2017-16148 Vulnerability in npm package serve46
CVE-2021-43980 Vulnerability in maven package org.apache.tomcat:tomcat