Количество 2
Количество 2
CVE-2021-23360
This affects the package killport before 1.0.2. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. Running this PoC will cause the command touch success to be executed, leading to the creation of a file called success.
GHSA-fc42-h7q4-qp8h
Command Injection in killport
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-23360 This affects the package killport before 1.0.2. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. Running this PoC will cause the command touch success to be executed, leading to the creation of a file called success. | CVSS3: 7.5 | 1% Низкий | почти 5 лет назад |
| GHSA-fc42-h7q4-qp8h Command Injection in killport | CVSS3: 7.5 | 1% Низкий | почти 5 лет назад |
Уязвимостей на страницу