Description
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/510
Related Vulnerabilities
CVE-2023-40787 Vulnerability in maven package org.springblade:blade-core-tool
CVE-2016-5393 Vulnerability in maven package org.apache.hadoop:hadoop-common
CVE-2023-26486 Vulnerability in npm package vega-functions
CVE-2023-37944 Vulnerability in maven package org.datadog.jenkins.plugins:datadog
CVE-2020-2136 Vulnerability in maven package org.jenkins-ci.plugins:git