Description
proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/515
Related Vulnerabilities
CVE-2018-25031 Vulnerability in maven package com.microfocus.webjars:swagger-ui-dist
CVE-2017-2606 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2013-4317 Vulnerability in maven package org.apache.cloudstack:cloudstack
CVE-2021-41973 Vulnerability in maven package org.apache.mina:mina-http
CVE-2022-38370 Vulnerability in maven package org.apache.iotdb:iotdb-grafana-connector