Description
nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/511
Related Vulnerabilities
CVE-2018-14042 Vulnerability in maven package org.webjars.npm:bootstrap
CVE-2017-16116 Vulnerability in npm package string
CVE-2023-36542 Vulnerability in maven package org.apache.nifi:nifi-record-serialization-services
CVE-2013-7370 Vulnerability in maven package org.webjars.npm:connect
CVE-2019-10431 Vulnerability in maven package org.jenkins-ci.plugins:script-security