Описание
OS Command Injection in lsof
All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input.
Пакеты
Наименование
lsof
npm
Затронутые версииВерсия исправления
<= 0.0.4
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
около 6 лет назад
All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input.