Description
opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/505
Related Vulnerabilities
CVE-2021-29459 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web
CVE-2023-33831 Vulnerability in npm package @frangoteam/fuxa
CVE-2020-28477 Vulnerability in maven package org.webjars.npm:immer
CVE-2021-28092 Vulnerability in maven package org.webjars:is-svg
CVE-2022-25863 Vulnerability in npm package gatsby-plugin-mdx