Description
proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/515
Related Vulnerabilities
CVE-2020-2281 Vulnerability in maven package org.6wind.jenkins:lockable-resources
CVE-2016-10575 Vulnerability in npm package kindlegen
CVE-2020-2166 Vulnerability in maven package de.taimos:pipeline-aws
CVE-2021-32620 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2018-11039 Vulnerability in maven package org.springframework:spring-web