CVE-2017-16075
CVE-2017-16075 corresponds to the http-proxy.js package that was published as malware with the intent to hijack environment variables and exfiltrate them to attacker-controlled locations. The npm advisory and related records note that all versions were unpublished from the npm registry. Connected...