Description
proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/515
Related Vulnerabilities
CVE-2020-1938 Vulnerability in maven package org.apache.tomcat:tomcat-util
CVE-2018-1000096 Vulnerability in npm package tiny-json-http
CVE-2020-8570 Vulnerability in maven package io.kubernetes:client-java
CVE-2016-0779 Vulnerability in maven package org.apache.tomee:openejb-core
CVE-2020-1957 Vulnerability in maven package org.apache.shiro:shiro-web