Description
http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/514
Related Vulnerabilities
CVE-2023-48711 Vulnerability in npm package google-translate-api-browser
CVE-2020-7600 Vulnerability in npm package querymen
CVE-2020-7780 Vulnerability in maven package com.softwaremill.akka-http-session:core_2.13
CVE-2017-16051 Vulnerability in npm package sqliter
CVE-2020-17518 Vulnerability in maven package org.apache.flink:flink-runtime_2.11