Description
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/504
Related Vulnerabilities
CVE-2021-26117 Vulnerability in maven package org.apache.activemq:artemis-server
CVE-2017-14063 Vulnerability in maven package org.asynchttpclient:async-http-client
CVE-2020-12648 Vulnerability in npm package tinymce
CVE-2019-10157 Vulnerability in npm package keycloak-connect
CVE-2019-16562 Vulnerability in maven package org.jenkins-ci.plugins:buildgraph-view