Description
nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/508
Related Vulnerabilities
CVE-2016-4464 Vulnerability in maven package org.apache.cxf.fediz:plugin
CVE-2018-6874 Vulnerability in maven package org.webjars.npm:auth0-js
CVE-2021-42357 Vulnerability in maven package org.apache.knox:gateway-service-knoxsso
CVE-2020-28487 Vulnerability in maven package org.webjars.bowergithub.visjs:vis-timeline
CVE-2020-2126 Vulnerability in maven package com.dubture.jenkins:digitalocean-plugin