Lucene search
China National Vulnerability DatabaseCNVD-2021-102384HistoryDec 24, 2021 - 12:00 a.m.
Nodejs command injection vulnerability
2021-12-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
nodejs
command injection
lib/cmd.js
vulnerability
detailed
pid parameter
event-driven
non-blocking io
package
chromev8 engine
EPSS
0.005
Percentile
77.3%
nodejs is a JavaScript runtime environment based on the ChromeV8 engine that makes it possible to develop high-performance backend applications using Javascript through the packaging of the Chromev8 engine and the use of event-driven and non-blocking IO applications. .0-beta.6 before the node-windows package, lib/cmd.js allows command injection via the PID parameter. No detailed vulnerability details are currently available.
Related
osv
osv
Command Injection in node-windows
2022-01-05 20:39:21
nvd
nvd
CVE-2021-45459
2021-12-22 06:15:07
cve
cve
CVE-2021-45459
2021-12-22 06:15:07
veracode
veracode
Command Injection
2021-12-23 03:33:12
prion
prion
Command injection
2021-12-22 06:15:00
github
github
Command Injection in node-windows
2022-01-05 20:39:21
cvelist
cvelist
CVE-2021-45459
2021-12-22 05:26:49