Description
nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Remediation
References
https://nodesecurity.io/advisories/519
Related Vulnerabilities
CVE-2018-3744 Vulnerability in npm package html-pages
CVE-2023-26127 Vulnerability in npm package n158
CVE-2021-27738 Vulnerability in maven package org.apache.kylin:kylin-stream-coordinator
CVE-2019-16772 Vulnerability in npm package serialize-to-js
CVE-2019-10410 Vulnerability in maven package org.jenkins-ci.plugins:log-parser