Description
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/510
Related Vulnerabilities
CVE-2019-10789 Vulnerability in npm package curling
CVE-2023-36472 Vulnerability in npm package @strapi/plugin-content-manager
CVE-2018-1305 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2017-16063 Vulnerability in npm package node-opensl
CVE-2022-40149 Vulnerability in maven package org.codehaus.jettison:jettison