Description
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/504
Related Vulnerabilities
CVE-2019-19771 Vulnerability in npm package bitconid-rpc
CVE-2023-25768 Vulnerability in maven package org.jenkins-ci.plugins:azure-credentials
CVE-2013-1965 Vulnerability in maven package org.apache.struts.xwork:xwork-core
CVE-2018-1000536 Vulnerability in npm package medis
CVE-2021-41973 Vulnerability in maven package org.apache.mina:mina-http