CVE-2017-16078
CVE-2017-16078
shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Affected products
HackerOne · shadowsock node moduleWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://nodesecurity.io/advisories/517