Description
openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/504
Related Vulnerabilities
CVE-2020-10672 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2019-9155 Vulnerability in maven package org.webjars.npm:openpgp
CVE-2018-1999032 Vulnerability in maven package org.jenkins-ci.plugins:pangolin-testrail-connector
CVE-2021-21422 Vulnerability in npm package mongo-express
CVE-2020-11022 Vulnerability in maven package org.webjars.bowergithub.jquery:jquery